at(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:08 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:08 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xa1ff, 0x0, 0x0)

04:23:08 executing program 5:
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, &(0x7f0000000000)=0x7, 0x6, 0x3)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000040)=0xfffffffffffffff7, 0x4, 0x0)
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000080)=0x1a0f5775, 0xffffffff, 0x1)
sigaltstack(&(0x7f0000ff9000/0x3000)=nil, &(0x7f00000000c0))
munmap(&(0x7f0000ffa000/0x2000)=nil, 0x2000)
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, &(0x7f0000000100)=0x1, 0x0, 0x7)
mbind(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000000140)=0x5, 0x9, 0x4)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x1, &(0x7f0000000180)=0x7, 0x1339, 0x1)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
r0 = pkey_alloc(0x0, 0x0)
pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000008, r0)
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x9)
mmap$usbmon(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4, 0x4000010, 0xffffffffffffffff, 0x400)
r1 = accept(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r1, 0xc0096616, &(0x7f0000000200)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]})
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffe000/0x1000)=nil)

04:23:08 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:08 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:08 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x14, 0x10, 0x1, 0x70bd29}, 0x14}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000000), 0x4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_INTERFACE(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\\\x00\b\x00', @ANYRES16=0x0, @ANYBLOB="080026bd7000fbdbdf25050000000c000600020000000200000008000300", @ANYRES32=0x0, @ANYBLOB="0c000600010000000100000008000300", @ANYRES32=0x0, @ANYBLOB="0c000600020000000000000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000000000000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f00000003c0)=0xc)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000700000829bd7000fedb5f251d0000000800da00", @ANYRES32=r2, @ANYBLOB="a39c399ea785d1080060008e530000790ffeb561c0b70000"], 0x34}, 0x1, 0x0, 0x0, 0x4000044}, 0xc0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7}, 0x1c)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0xffffffffffffff79, &(0x7f0000000280)={&(0x7f0000000340)={0x2c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x10}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd700008009a000200000008000100240000000500080000000000"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x4)
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, 0x0, 0x300, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3f, 0x2e}}}}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0xada4}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040004}, 0x20000010)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/warn_count', 0x4080, 0x1)
write$cgroup_pid(r4, &(0x7f00000004c0)=0xffffffffffffffff, 0x12)
ioctl$sock_inet_udp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000100))
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYRESDEC=r3], 0x100}, 0x1, 0x0, 0x0, 0x44846}, 0x4)
unshare(0x48020200)

04:23:08 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:08 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:21 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:21 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000340)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x4000, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
read(0xffffffffffffffff, 0x0, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x200040, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000300)={0xffffff7f, 0x0, 0x9, &(0x7f0000000200)="4ee327a473f665be59"})
write(r2, &(0x7f0000000180)="dd8975d9d2eb389518e6d5ece8f722e079e9ec8f10122e84986aee763238801c24194552756d9bae3023bb6c959f570655f3ab442d7f", 0x36)
openat(0xffffffffffffff9c, &(0x7f0000006440)='./file0\x00', 0x8000, 0xd0)
setresuid(0xffffffffffffffff, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000001540)='./file1\x00', &(0x7f0000001580), 0x1000000, &(0x7f00000015c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@fscache}, {@mmap}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, '##'}}, {@fowner_eq}, {@measure}, {@obj_role={'obj_role', 0x3d, '![!-:/{)!.#-]$#'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@seclabel}, {@obj_type={'obj_type', 0x3d, '/dev/vcsu#\x00'}}, {@obj_role}]}})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f00000000c0), 0x0)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/245, 0xf5}, {&(0x7f0000001480)=""/102, 0x66}], 0x3)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x98)
pread64(0xffffffffffffffff, &(0x7f00000034c0)=""/4099, 0x1003, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, 0x0, 0x80000001)
syz_open_dev$vcsu(&(0x7f0000001500), 0x6, 0x20e080)

04:23:21 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:21 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:21 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:21 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xf5ff, 0x0, 0x0)

04:23:21 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
io_submit(0x0, 0x2, &(0x7f0000000180)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0xff, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x2, r2}])
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000001440)={0x0, 0x4, [0x1, 0x0, 0x3, 0x0, 0x1100000000, 0xffff]})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000440)={0x0, 0x0, "23802f108477bdc5d3317e7a1434ef1b8982d7edcfc6b5feecb6b4782e0ecea6c9488be40ef78f7f7cecb2ce449dfc642cd6de70c4fd40ddf813aea2b29a0d5c55f98da7cfdd2751c984a90c342dae8763c70ab7a6343125c163178e1753d8a75e3b876b44de5ec3128df51168edeaae6bedeb050a237f277a205c7e949de8101aa89193210f058d16a5127a4e3298f56993e22e93698571d6f5d42afe6d0f353028316b6f89e937e1ff4e843499c97a69ec66ed6b40558ee2aca38ee42197e82cb410f2e42efe769ee2730f339f2c0d23e00a16899dcba9c6ab292c7a15f149138a46f2a693ea6dff2bbc1c4b7326212f6bd2ecfe08dd02ac94d42740608284", "b235798e7d8bb1d11075acea9eed86e1acdc0d12573216a6e66348ed3ffb7c49db0bdb437c31e39b5fa9caebf0fc19cc86688375eb3707f1a9bc54fd4093e13e338819366727c96c43228b54e98ed36cf6182d3c3d6a9a5b6a904a5ed25565063cff5068e737663d9f8637c95fcec1cbe8de4aacc7bdb9705e4463dc9d86eb30774e05a87591d8ca9528710421bb960320ed9ec64954121827cfecbe8121ead0b22d3992522f82806503fa68d0d87bdc59ca487a358c36c116c99160718571e3ec5d4def63895e4ecd8f55080bc397584b19900cc0bb6a548c110a0946d0defaf360c3043439a9b990164076639da23772d3e3571d48feea88dd7b7b7ce6f9b296776753218b5bb193a742c73c587e1e2242d473c15534311bee90bd592328181a7cf0ce3cbdea50a2aedce88ca0fe19d20ff1ccc1d540027de52ce6af23d9fd17427ced87770655797c8ab43435197d1e582f8afa77b9479fdf73b77869bde4f06ed6f2106ee914709e8066e7552d52d602b44e559debde6bae55dd92a859a5d9e06dc928b47087b4fc41c70873655bf4748fe2a088407a7d3035ce5a1a493ed2fd14f090cefe1e4c547e7421482ba176e65f5f54b5461097b9dba2c70c60e72038280b8cc382482a04b440cc5e7177ed0fdd756983e6dde26b786622b3552a795a1f1d2265cde4a3bea90073dab20d8d5ce634db290dd4b8fe2575a78cce0ea7fbbd1a381c96831f21a6f5e4694de61ed7cdf636cd2eea95b53f2af3f168710351414a11a4c84364ba1a9ee0392d3fa2b7489a94e7e717cab79f26fc17e6f0bf66fa5ecbed915d4df10b4d151bf5c6fb20207e9a1c4c2e96daff0fa71034ccb297e7ad16ac48c9bd4cca12a4fe4b69c0fe802d252614cf78b88cbf61649e095eb145318039394b88369945daab75e00e5d56590030a5194409f9815aeab298e30dabf60969f4839d09841f5c2d874056003a515b2a2a68af97b351c9864e68a0c74f4796baf3e697cf823b7188d748c56ae5f0c94634e08c8ee051c6b78ee8c6f3b85206414e7b0554709922b9b7751818216872347df5b4907c2a215daa643bc7ef38645ea973d7b266f64e226828d8ef75f3a66fdead4cb082177b564c3a446bc7307f951bfc79ebbd4bee8b4ab48b935d01067bf854546fc4616ebf34209f66bc7cd43ea1772d0b2e03c39e4e58c3a2bd18a7cad8193ac86d87340ecd8c3e6273410af5cddfd6d9a23b67262e570f860ba8024add64b84d0a2435cc1765e5b1ccbdeb0f77b77e55a119605f7d70184f7d0706c13bb730b41c4868b4a88c228b4addd007861f96cfbd2db77467d0f01298a56dc3b1946311c0fd881a1278ae2df24ac0443f9a072ffd9ba6f6d9246a5515a5e482985f95ecac15e4cb2eb02933340da439cee8ddcd55e9c42b12825d55d558da46bcccab3b22cab46bf789732c09b1377053ca4a32049e734dfe214b9a2643edab6e412cb3542d03ae0a896101fb02b728b709b100f04e75ecce3a4a21e131b46572fe67f152e0fe43b6c40fabb18067d4609c13fe70373b20ccc17d859b97a5e21259755381d59092adf55381bdf6353d4df73be1be51f081f5eb640b59a90e38df63951503962dd09831a850d11c4ccb8d421fd3ecea5d630bba1c2e4b60a4d226416e1e7b9d30464f3dd713ad49f5981e88a83b0232635d7ba4ac420ae5f91c351cfa95de653eeb411968d7c0af51b68d6ee12e2364fcd483d2762f5a1771d414b85393ef5fff44ff37d6b08796de1ecd21952e3287c159ab3d0e7f8c353e4a5212f2d64fb0d377c3f590084bdfc2cfca59d52f5a7ff83cab4d8aad7e64dc61d90362fd83ce24c2b59fe89ae1bdfde0910610afeec6b6daf7d0f446f1c449eb0944979251b60503d4942d0273e77303e17852d78b7499b6b9cedc301323b5e5c9142c90299294e58507896cbefff54f55ea0bdc49cff8f9ba86e5c974636614eb9aa8bdf839a83dbc39562b3cd83f2a34594f5360f221778423c50551d7984520e2b2e4345ba99184ab20d9aa209f454a544d9c223f3c7f9e13df942b5514cdb2595116c3364131eab9071f8314dac7fc0bf69cd1458c6c43509f7380c3f92f1b45bceb5259311339698442ec4527e88b930df4ac4fbf7cb5188753b78e5719d5fed5b2779a3b6ae5cec8585d5d3cc469e8e1af0406253b47b40829adb9a273642e6a962de3990ab4597b7cf83ea91cfbe03360982ac5fee620f4fe3fc63f963f26f3bdc4d291e48b2003285496fe17d4e712ed7b16e2188631e9035a4e2e2fd08cb375a140df90402cfbe5e24b9408af1447312e9ce09307d0a1b0afabaa6491829d600a4c7e02821b87e1cc2b8c1d1d9d9b980c6d267678065b385df13eb1299b4ba1335f35d83b93ce7786b8abf9e133e1221b6f7c75530231bb705002b19fbfa7ce72b3d1e975f2949d8b619262c4ee3a0f68b4b8371c4ec460c9924cba2b9120f932fe16249eeba1718fcd8e87713b18a8d6b0bd3dcd5697d0a391174e2afab28991dd960fb98d2c359dad2675a27e39d7e5dbf8b60e9210d33d577a71e1637ec01542f26755b08cc8d8ff7030e2465c8efb29b81ddd2b88d5946913bdd44f7422bf986fc536bdd07b941ee50db7d5552544862c3c22999f905d92e05129c6be629e4f8ea50e173a35e31c1ef889a5bc0ef5997d8adecad97a4abfac6d0c1211cb00525f9632f06a836dad8c3c6aa2328b26c02775d3776179a615169662b52fed4f1171fb0ba508cf1fd0f41f297c73d715cc15eea718c4e29b3b9d750d0ec30ab4b054017ddd6eefba669f589baa9cf09e6bac8b6f5abc0901f1757efc6cab324910f17471737a003909bd81147ae580eb54759a4864f1f3482812ae69231f4c047f4142e9ee2f42f042d661a27897d4c8ce5c34229921578ab17ad9cff394fc0d270ce26f16b194e7181e767cd7004f06a1af35b8f5230c8bd22f8c759e31aee82c3cf187616d751bbb529f51e24321727e1424debd108809eb38ba0b8d88ccc07ff0120aeaf2fcee9a564a3a0b76c368c48bd6591741e8ef86908226f33ce9f28ea331e45946d1b8f3dba84e3f72aaf5c55146b627eeaa4aad44cc625d5ff65eb8a5b396d7a0b610a42ceb7e75a3ab04322af82cf4a9631e4e00c5abddf11418f45c551ba2fea62d2f444d89553ff2a795445cd11f8d1e9b65ca31da380ba63d1c6e2fa7f73c89358e0f931b9805b7a06f876a7bccabd7f178bae61c5f1c18df212cb12e17db77abf421f4e24a463bbb80f595441aa9a092f3f476214946098899b7d227b736adb81d143fc70902fcb1c65e283134777b2734d34a089dd1324d1cc64e215966b3da1a59a1c78e47085ea66a0a481f32110632097c99036bd5fe088dceb20af2ae353061da3945646ea8b836fea41bbe3053680b38aeb8cb8b065b2be086e6df1ae75fb672c983823712aaac815c6d2fdb3bccb1b0f7c3623242658b870387a383c92fbbfca2b783a37d8bf4c74d3667fe48f0f556b13cd741fb92d73810662a8c803c46896b68ece7ae957f3b1ff41d4866da9d50609b203f45062b764c3ba2facc28a134d30cc43267659241a60971e29e4c2472484a8555c9126a920f839ccaa8e697e4628f3731e4f410d3c9f2f976b3496a2f02a655fbeb10817272b30a6406314b8f21bd3ae4753425272de4c1389e2e9b10ac733c4c0da33bcf9bab34b084e4b5e8c5ed1dbc86c3b60eb2124cafdbedc9c2c5e6db4b88a0e853f878612354dd94abf431d833a35b3db068d3627d60b00931cece417295b49ba51555b0a54972df880fae08d12db590e4d6a9f36bec17ec2b10fa316b644e9c33e2cae24a978d6b03923ae4d4b0578a6945140fad6e01eac6892b8443236d9dffb2403256989f3a2f6127ff40058669314f514f191310bf6d7da751df7552c6649465c6d63c4182ec8fd2451605964ce19e3ae6eda811f50492320323ea0c18281846bf8186cb37a2e7ebf58a87f30b9787b9e7ba19a8ab43c254a44f2641492b76c79927a6f897f4844298fc902f6d529100d1a6cad06326c82c647701e363cc1f696df6c6aec1b6a9b12addbb940db69b478326283fcad248e106fddeb274e4258e8af8a3fde1ac0d0b2197cc7d362d6ea218f3164853b6f53b3b60cc5b2d65689f811b9a74efd13ad0cbf338f3ddccda8cd1d7da1dbde825e0e055eef304b13d3c5ccd8646b8b3ba58039011ce59e45315dce97ca00a0506fe0fe3dd3e253c7438c245ddd0dc230bee992cfb596c411b707086bfa3d7e9e82db3059b3167ef172f6c3679c98388f0ffde638922d323d2c44101a2edf279aff105887b901e4f6841bdaf1c630d97bb15d681aedfd4655f804407727c22e8dfbf2df11c5f2c1bfeb14667f65f3216abae3b53e4a57d6820930fff024449f88fa581dd03bba6b98e34fb9ece6b0536338d5fcbdd93240ad6904b0b42ea200a002f07f4f025271d3a38122b0dc0242d627f12eaf1ee863dd71f053e420e2ce45262070da74df0a8e079061e2562d874742f1fb095f2825a4929d71f4935859c44771dd89673c278780f3c56bb900582d5429d6719a401b7c48aec38ba4f097d9995a38b30f921515db43830c6114cff36df31b33e1bef8d0fd6b522f6e701aaf14d602ee196ff8197cb16baf99e2be797f0ffe1bb2c153d980a9a584e65f59483226a42b22656b6eeb50ed88e0ef085b394c6b6df05fa636378ef2cb1072a97c34058f9ee4cdf86a592d6dca7acac8410deff337785907c6d4dca5978b5cdafbefd8eb1a5ab0a12cee6694b418431d9cbd5bb8774509d44f47522a3afc46f986937b14ad7f5bc3c509512d2d7798d08f6f6b98ee8fbbdaed621f22bd4b904e68106ce382c3b1afc047047ac36da02b126eb5f973c15a082a8b11fd1ef8888a1a1d8a72093f8bfa1c3b6209dce0aeb2e4d6e54d86da3295ec0fb36659686624d64db3f7c1a8d8927454e838f359cfb1689bb2c6f09672790f375a84f7919c7423a7240fe0e6c80572d91f15097e6b83c7bbc419822be63d90d69a2f1d8b68651c77846edd4bfde537af5d8219f0618afec86b37c110c0ba9cbcb9e8b799813f783c377a4f405416e9c26becdfd8d2a36855c6d54535a8dfaf7161895807e9594b1c4e49b65df75a8abd9844422fc3ebeaf9d6118d378cedcd610e70c3933fde0cbd05e371892a00686b2253f07bd5c2bae3fb85f2aab5b1bbd959d844ff9626cc723e7d6ed1417bb5f1d89e98b06d0b095bc59b2dea9a43a90147049f07fd29256a8c96253e3ce2fb7a34fee3cf5bfbc2e00a484b4b80395320fc26288ee15ec5d556344fe94c06396d2264326bab3c5cc76c6316aa0cb61464b8dc69e62814e7990c8d4bdf90f0709fa94ceb1518e3c715a22d5f090c6ca8104"})
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000001640), 0x10018c6, &(0x7f0000000200)=ANY=[])
ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000000940)={{}, "458a8751875c6bbd4ef8cebc03ab56c9e9f1970f097d736353654138cf149974ec5098ced7c694faccc2fa293b22ae575aa90cc9af177a33637079f4370d88586917f184d83d30981b39f9faf924ca54b0d6e528847ad7000963ffff41880f0c07692ffaae1a349139ccbdb0c63d4d76e5dbf4a6e0705a0b6f975a082734d4065c524da1db596030361aa2dac37e4aea4bae574c39594cfb2c5a19efffb4ac3663a6226c6482bdf883dcec98c3fa33b6450f61bbed957ddce9c6df6f3c9e083838de4f175f5cf2aeb2f8776d8bf1d740e4f2d8e6bb44ff3f3a3f31c57602d24d7fae3563225f0b951f8fdcc70c13b0e1f97777ae15325b79b94d50245d14b24603a9e787821f5f55c781a74e62534e3307116c4de23cfc14a29d9eefc7764e4906284c35c28899f439708d896331c35c3c38d194955418ec9f0fe86036b6f8efadb169f51e2a6642ca70b14df9bc96b420d7720d002b8faae51d0dbe9d3cc3e9f088532e0300cc8137a57eea20c983ff9d38a7abeba8d54ff62c6ed1bc116b3254aa6afc65934741106475184c4b3b839d376b150fa9fc8f25a894bc5d011273f8211fda9a584f315c5b79962cff871c2d0d3f2b927878b7723384b7a26fb8b1261c7262cfe1654dfc9cc96cd638eaac06e6d8f508c2dfac8d18c6af320a40b1b9926c21a0770aa7d5515f116e3ad45a4217b976ead13211aae219193161632fe37816322829680b83e7344ac5b55a9556191016935c807e7140cdedfec331d94a336c66e116a034e6dc637f949f7a014f4e3ba919cfeb88f7003052035b05f6fa9cd44bbd29498b6cd43107e29bf8455cebc3f611855ecaa3217d61d6a17adc3ea828fa6a6be9dea3b4d9106af406acdb88985cac776420e779dd4dfeb93e6f5035067f7180a3a212f155aaf46b68c5dc60731914dfc6abb28a59ad25d5a4a59a8fbb4353404217c91fa28de12856c24add49a455715959945b5bbb1f3b0b8e855d08ed46c70ab28430e34af4f0e69d8c1ac253d22aecd4e456a5f0a0aa3f47ff5487b34f68f215c72ff2892e7df48b5f10dfa67aec723702ee415ec51b70380065841ef8a8c9b6ed977add146518a93f453304c8a60651d1635770e9cdee9373a5307073850b3376e9ad59dfd60415cb231a28aae155da7417a1d98167edfaaf84b25e0925640a17d4c73d65b33dff6e714ae97e18a302d9bdf98f1b95e2fcef4473461671db254b4a70e0b424d581edabf50a3666808c7c42a4a187b83d0cd527be5ae4456b9d907402417ec2167aa821ca9cd38a6d43b2fb528c61ec5a1576455592437a21911b64d7526abc89c47d0d9dbb6fe2eb2734d6de40c9a512474b9d0c4da522f391fe12457b85a33ba9c72d08f3961c1600def201a05c5f233a48f61727e61a6bfd395a6ff23cdc2ddd7e6a69975d4bf818bd5bec508b40f1edac7feb79feca1ece927b856d5e4d379e463f911697715f3be9724e1d4dcc173ec5b2a703e52ef302ee9bd02da9d37af4794c9b39335232984c3d98e0632087bda83844ba9fb5882b2bd329101355c12f1269fb9c2f3c360fec31eef99ec9e3217785a47212e62326ea0d07be44762a3815005a06a397ef4c6619386ea4e6fe20b55912d721d69b6669dfc1384002ba8c5b10d1d72acfce639ec1c7069d84b910177c6d88c51d15d917e30234285a32b7013a3c6718a245c5b299c5aef4e499c76da507072658c08edc0de74834cf51edcfe4fab8c40942da0adc604434c3138bdfcdac797439bf29f1349df50bc424ff9bbc102b07adc51e87920795c7e082c86c3aadbcd89f63c13760e9cd78e1033bcbf62341eb5823b329ed37a4a96adcbdfb4e2dd7dea123e36bcdbd430d346aa35888057a2dd202d859938c71d7e91b79490100eaa12668fac73fc7c75e58abe7ce87debfa711ec8a1a6d32ee2b848ec1949687f345f8f224a7660e025fb6722266aa8a6d181838f58a417ef18c32099ede4671ce8caeca663514721744a8fbca43cf82bdb877b00f7e0bb8429f2dfc6a110d6fdafd8edae53765ff2cbada8428826166eba0691fef9710731ec90a5622fb748152d8f3c8900f227a7ad2c965877362b03d6ea7e53dd180ae6e0171dc27158d3edffe30a7d24f0d1ddf064a3ebbadaa698003e17c712443c0fee266da9b45f14f54a6293ee1825fe5725251a5ffd609f51d9fc3c6989816a0b2728b284fd9d843c863dee922c56f69bd47e513a3ea0342c3f4f4a102d66d6d19a2306fb39a70b0ec9499cf3c32c886c84d05c699e4b2995e369a3e2655b48f52084f465866ba00dd89c5e07f069fda913c6322d40126ad1e65a534db97f5835ccf76f438d40eae6f9b0c1b26915a6f28c5062783eb7a7fa421bf4617a3cef4d537cc66a3028889217241a2dce3a71bcb98605d0ed30daa9f16349ec617265f9df59dfbfbad27d478d2c4900afc9fcfb894f4436c22567b24e9c83f2ea948911e60d0e91be08539d113090d4e1c92b8ef70bbfe3738e76569afcc9345941614bb63c05b55381b322f9d19bb94552678e859151ddbd6815867f7ebeef17b480ed956eb1812a5dd111c766052a3a5805ed582c479f833d39008d2a5b9f4fe26b39d815b70f271977db7fdb41d9236746279dec7300a6fab9cb79a5ab757cf3a5d4ea9d0cd33d3926f71fd995b76863e8108340b8b114f8afbeb35ad780a6d3e4484fb18201e232ffd8bbf88899fa954399190391a4dc0da88db429ee474ba1dcb4711e0807184eb6521cb89b90e566b95522ee3b4342ae14731335ecbbd49169647502622f2a55b00ef980859452d2528be5468c061a63794ed910aba1a4c7b905beb9d9221b3932408d2b42e75421c5fd5c75c9a2dea6242f248c4198c59d4d5581d6d251045a7c263f789b2cbab9343ce95e7e8ddb79f06d398bd0852a5c94441f2af37194f57d4315abf7cfe13f5c3e0a3bc728c75551b7fc35b9d232354ee5f465feb8e8572b38e38797808011c05bae8bf171e9cda178098792642d6f77245dfb86375fbbf0043e1d83b3ab7b4acb09f4ecfa33cc9af0e35c431f48c27f1f4935d5b64e993525ec91fd03e79d6fb8c690ebc0a2166f2f280618a5f0c166edcc2ffecb5be70c61d7412da173d41e5194cd77964241d499bbb0aaf0fc2e5be9da1743c1aee2bbed1f713ded25c24a7d2aa72fb2418537a6594cce4f03bb182f73449a1957054a730f9ac314b75bba3556213207d9c333845c719cbd24437f297a22d009db57484b433eba0fc3375a06db97b7cf91def47d8979550c9f10a31396c90e396048c17d99728c705f17481d836351b596fcb7bbefa9aee2646a51423b18cd75311af272f89d1a9b9b6dc445f1a44972376eadb625bccbe0c1f15d7697a43154f39cf0ab59a530d7b684edfcb5bfd9439f75426f72fd0cab683c58e039bb76174814ee6256e8767d774ebfc74b90d558e387a9b24038313cf652d747ce7da012da19e1defa69df4c1d46f904ca4f2095c605a2860772c6aa9519b8f8fea190a4df7938f47351781364e44eef3a92d868ca4e916f47f701d4b10a1a8a2ebca911f5316de3aee1d6b8d45744312314f96616ff82feacede20ec684102b436e284a569015403ce8127213dd98a207b56622b7efda5b713ffa8ea12c9bdf094dc6e21551ddedfe1f1da7eef1ac985a12cf289ce9979a9e35143148082cf6c76c857cfed94d34e72280f3142a67adb804cbac2b654a170f3a25d038e8c3561cd4054dccb384dd2eb0d976aa062e46d516320cdef40a2a372a2a5b245ad90d27b9316e491cb8681b7abcedeac46a632bf0e44d6ca9dcea9800cab8a2c634a43d3a59bdb00eb09d49e7b8b15eb6be85c3cfef89e08b91fb569cde0cab847b56f050768051b609d0a39b367225efd4b2eddb9bd4717a6a2c40b670c0d5d3f38815004916f1ff748e0134faf97210b2d12b1a8d5b38545095e9b797d78a4b35005111d0455d23616a4fca9f55e2d4e5a4f8cb047a8c2b39d100d7e90ea07fc772c94b87151563dce9dcbf1d1050eba9c67638f008775cf8372abc6e1152f7112fdce42c162de76c97355159db8cf24d8327f9646f40225da9b683efb5369343e1d0980e96f363a08d45b949e91792ef9eedd493a72cb1311e5683bd78875d29b50fd35f92559071939cc3aa89727c686c60897ec86af0c8a801ba6d11583c06a57bf97615585f2cc577b2ac6626770c265886ac912c6db4e64a15d88aa2ac3d563a0524e316d136eba08764848199713106d994160594258cdda046aeae7ed00e7e53f2e3f96fdcc114c723e80f85ab4f28ea692caeabb1c4b63271e14c5958815ecb2d57651a335b0fc8f3a51e834fff4f81b7a64affb978ed1675246f9bcde446897fd3e3c52fad2288eb4de2ef5ef21591a44163b6d324d0de83ce1a6b75d8832f4af539e530972901754268a7383434c65a4315b0e609751760106f9d2d80e14043baff55728a91c9060392df355ba736bac686cdcf21cd3037eb15b361e8eca4b6b8f90aaf2f2d643b9c6a33e573d7defbfc7bed2b0fc8b0f4e2819f733fc8f6066da1a825bfca92bd714bbfe9ceba4795918a92662bffad92e54ee9cd28fa5dd47944a13ae397238c7290c0f3026c6c11f3d720fb6e05cae298ef6a96a8ea3837ed22bdfc41078a8e217318e1fc0f52a15f9dc64a74c1df7fd6ae3439d87972a8193b6f38fbac7ef3c0a7fadf2c413e450de2f71599e7ddc5af2989da404fc612096c54d05d1423889b14444eabcfe26df15e4de160539349c121e67773f25ea8a630d834d459dbc805eedd4c90e3007a73499a7b2a5eb0d90f9d9db79956150ba776871b35d4147d42f55542165be5bacfe6293673627ad7a6735a51fea72e5bd02a63b79bd0ea5098c6bf79e821dcbd2e05e131c9eb9b859e938b53c26803f529d3e8746061228c81e4cf229b393d55468fff41dc43ba47f4148fa1ba66b8de89053b2fbbd54996ba782e78ab0d9e04f13a85bf917754ac13cfba85f2e5cbfe678448b48821b054550547c70732590092edfb65fdfb64abd65d79be6de58577f9beba8bc2377e35964dba6a825f2603d476f04583017509a67ce541092166216bef19d2b6215c625738aabae119e3dc17ad91e1bdfd5ac22709e452bd0fb2d667512b0ef627878b4956cd25a06e6b8b5751e2acfb16cbcd045f375e9b5c1057df9d8cf58af34255e782dd9cf71b0dbb56a73ffff84c4938eceeb33998afcbc99e8515c668fc5db8ca95d24c67805b6fbf86fd88986a64b86af43c880d077cc1e70346886adb60ddfe35cbcf8888c2570adac9e1f987c142fc2f125013db7cf854ac0289e3a549bdead349eb48f1217f6556c45cfcfc1d24ac6dea17655fb446fdfbd9a4ed05a2f11647a53e5dc1d1b87a54bf488d4926a2d5f478878ffd38c6a24b13bb2080b8e5e796374878a57b16f29c14d68b7fca6374801ae364e033af5875b1d3dcb69de79a776ff7bd654369f88cda77e88103f541b1cf43951951c10ed599d2e9388b7c353ffbe0521fa102742dab9fd0d5a76e398d80a5af131684c6b69aee497a0a9c650f3e53afc9a12e4ad6b316ed58c8e17f615d2ddccd3d1727bb879d142bc4d45d212d6ef98b1dcd17ec76762a0c461eeaa11d564eb638f1a097bbd1e264227a974830cd7b0d71e01b818e60d71ba4606b8bed55159d9479cd81e5ffb60df51438417138bbf9964cee8dd275ec5e7ce03135253882774cf1a9d90e503dd74ca5fb6bd7c249420ce25cef3da390788b31849"})
perf_event_open(&(0x7f0000000240)={0x5, 0x80, 0x4, 0xdd, 0x6, 0x2, 0x0, 0x10001, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3, 0x431}, 0x30, 0x791, 0x6, 0x0, 0x1efc000000000, 0x7fff, 0xa48, 0x0, 0x8, 0x0, 0xe890}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xa001, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10009ff}], 0x0, 0x0)
sendfile(r3, r2, 0x0, 0x7ffffff9)

04:23:21 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1008.377161] 9pnet: Insufficient options for proto=fd
04:23:21 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:21 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xffa1, 0x0, 0x0)

04:23:21 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:21 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:21 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:21 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:21 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xfff5, 0x0, 0x0)

04:23:21 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
read(r1, &(0x7f00000002c0)=""/225, 0xe1)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder-control\x00', 0x800, 0x0)
dup2(r2, r0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'})
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x85, 0x52, 0x0, 0x24, @empty, @mcast2, 0x0, 0x80, 0x402, 0xa273}})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
stat(&(0x7f0000000340)='.\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x200400, &(0x7f00000003c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@msize={'msize', 0x3d, 0xf1d}}, {@version_9p2000}, {@version_L}], [{@dont_appraise}, {@smackfstransmute={'smackfstransmute', 0x3d, ';)'}}, {@seclabel}, {@euid_gt={'euid>', 0xee00}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@audit}, {@euid_gt={'euid>', r5}}, {@seclabel}]}})
fsetxattr$security_ima(r1, &(0x7f0000000100), &(0x7f0000000240)=@sha1={0x1, "2caee3acad9db16ec4052e1707f7032b149047e0"}, 0x15, 0x6)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00')
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)
fcntl$addseals(r1, 0x409, 0x8)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x2)

04:23:21 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1009.117457] 9pnet: Insufficient options for proto=fd
04:23:35 executing program 2:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[])
name_to_handle_at(r0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="0000004e0000000800000000000000020000000000000006000000faffffffffffffff"], &(0x7f0000000480), 0x1c00)
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
openat(r2, &(0x7f0000000180)='./file0\x00', 0x101803, 0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, 0xffffffffffffffff, 0x0)
r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000140), 0x2402, 0x0)
perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x0, 0x7, 0x39, 0x81, 0x0, 0x6769b196, 0x28560, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_config_ext={0x2, 0x401}, 0x24, 0x400, 0x679e, 0x6, 0x80000001, 0xe2, 0x3f, 0x0, 0xef, 0x0, 0x8}, 0x0, 0xa, r3, 0x2)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200000, 0x6b)
openat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x8400, 0x39)
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0)
copy_file_range(r5, 0x0, r4, &(0x7f0000000280)=0x10000, 0xc3a, 0x0)

04:23:35 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x400000, 0x0, 0x0)

04:23:35 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x442, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0xa}, 0x0, 0x0, 0x0, 0x3, 0x1, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
readv(r1, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/4\x00')
ioctl$FIONREAD(r2, 0x6801, 0x0)
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000001980))
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x53000, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f00000014c0)={{'\x00', 0x3}, {0xfc8}, 0x2, 0x0, 0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000380)='./file0/file0/file0\x00', &(0x7f00000003c0)="08a9d9e7d37511fb52bb42ef07864ce27f2afd6c14ae09b04a1131c0dfc1ea3e903154f13ce0241180cc4f3f6975718cf63852498d5738cb71f659d7b87262ade9c3df81f53ae21ab8b032aa64e58f3522f42aff4515d5d60b79ccb997a0425eb5300b3dab350dacf5a51b32ef232c28e06432ef713e4f0103ada83027ea5c87b555d08263e66b304824c27c2631546a376216dc33d80d9662", 0x99, 0x0, &(0x7f00000019c0)={0x2, 0x170, {0x0, 0xc, 0x95, "08c0ad3d94aad5b43e66f6c685123894f2fbb5cf27a8ec5d894bb56feba513b950fbb582820752d368b3302cd8a2e78e9893f894c1c8c408783e57a159faded99c6bba3378af41d47b12185a02ac07036f86cf68738705a50b032a07936f3ad68b9f12720a9538dc0005fed1d5ad26ee161f9606d92faeefec6b1001ed3baba73c99a3041154bbfebdfae1792d4e1a5782f5c5d9af", 0xce, "5dd862a2c86fd94a686db55584f1cb9a9431013e0641195bed71e5f048d514c707daeb2c1165bc4592b4a24432cd09a4cfab3854e57722987fffcf638675bb916a075e98fc77280588ed20a53a79d4ec7bc08fa4252785be4a298888bbc06604ca1ee88e14850514c04676493141c507cc29fd49dec38f6b5d87e38c6d7900fb34765582aa35e9d1299c5ffaf859a3446466e18f001c340d2115e86c77428041b5c35dca162e010000009a1fc152b2d6e348a81b582fa95ffe9b69978066b79f5490a726aa287774e4bb6be423a3"}, 0xd2, "38afc7a805adfd6c4e491fe7f87b3085f6a5da70670ef4e05ed7d965bfe0d12f736c2f00000000000000208e932038a387adf1d9928872ce6112b18dcf4f6b37a8a448110f11b7ea79bcc376e66acf5daeb18ada85dafd4882667b7f7076539aa4807af11015147937dd95d974301156356714493f6ea06b683d52fa5139bf295214289f461612503c31c4e070ee662af57d9cebe0f380a8fadd04d770d74cc13f39fe34fc7bc961eccd7cc9910ddd6e6f9f4286e072450f7dd8507f0601ad9736a7dc339e74c2eba1b6e9bbf342aa858938"}, 0x24e})
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040))
r3 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x80, 0x0)
preadv(r3, 0x0, 0x0, 0x401, 0x0)
getresuid(&(0x7f00000015c0), &(0x7f0000001800), &(0x7f0000001840)=<r4=>0x0)
stat(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0), 0x300020, &(0x7f0000001880)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x7e}}, {@access_any}], [{@uid_eq={'uid', 0x3d, r4}}, {@dont_hash}, {@seclabel}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@fowner_eq={'fowner', 0x3d, r5}}, {@audit}]}})
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x100000, &(0x7f0000000440)=ANY=[])
mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x20)
unshare(0x48020200)

04:23:35 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:35 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:35 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:35 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:35 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:35 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0)

[ 1023.072157] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
04:23:36 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0)

04:23:36 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1023.149750] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev sda, type ext4) errno=-22
04:23:36 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:36 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xa1ffffff, 0x0, 0x0)

[ 1023.399256] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev sda, type ext4) errno=-22
04:23:49 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:49 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:49 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xf5ffffff, 0x0, 0x0)

04:23:49 executing program 5:
r0 = getpgid(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x22902, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000140)=0xc)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000080)={0x1, 0x1, 0x8, 0x2c0, r2})
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000380)=<r3=>0x0)
r4 = syz_io_uring_complete(0x0)
kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r4, &(0x7f00000003c0)={r1, r1, 0x5})
write$cgroup_pid(r1, &(0x7f0000001780)=r0, 0x12)
syz_open_procfs$namespace(r0, &(0x7f0000000180)='ns/ipc\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_delete(0x0)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01, 0x0, 0x0, {0x1}}, 0x14}}, 0x0)
read(r6, &(0x7f0000000080)=""/65, 0x41)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000002c0)=""/86, 0x56}, {0x0}, {&(0x7f0000000400)=""/155, 0x9b}], 0x3, 0xfffffffe, 0x1)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, r5}, './file0\x00'})
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

04:23:49 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x62, 0xa0004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0xdffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', <r3=>0x0})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000280)={@local, @mcast2, @mcast1, 0x2, 0x5, 0x0, 0x100, 0x8, 0x2080040, r3})
setsockopt$inet6_tcp_int(r4, 0x6, 0x3, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r5 = dup2(r1, r4)
accept4$inet6(r5, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote}, 0x0, 0x0)
openat(r5, &(0x7f0000000000)='./file0\x00', 0xc0, 0x50)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000100)=0x8, 0x4)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000002, 0xf154c79f1722d852, r6, 0x10000000)
pkey_mprotect(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff)

04:23:49 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1036.342959] audit: type=1400 audit(1705465429.294:58): avc:  denied  { execmod } for  pid=7513 comm="syz-executor.2" path="/syzkaller-testdir398577240/syzkaller.L7cM7t/110/file0" dev="sda" ino=16047 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
04:23:49 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
symlink(&(0x7f0000000940)='./file1\x00', &(0x7f0000000980)='./file0/file0\x00')
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', r1, &(0x7f0000000080)='./file0\x00', 0x2)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file0\x00', 0x2)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000180)=""/246, 0xf6}, {&(0x7f0000000ac0)=""/120, 0x78}, {&(0x7f0000000340)=""/167, 0xa7}, {&(0x7f0000000400)=""/95, 0x5f}, {&(0x7f0000000480)=""/218, 0xda}, {&(0x7f0000000580)=""/234, 0xea}, {&(0x7f0000000680)=""/166, 0xa6}, {&(0x7f0000000740)=""/116, 0x74}, {&(0x7f00000007c0)=""/114, 0x72}], 0x9, &(0x7f00000009c0)=""/206, 0xce}, 0x10002)

[ 1036.455584] perf: interrupt took too long (7897 > 7863), lowering kernel.perf_event_max_sample_rate to 25000
04:23:49 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xffffffa1, 0x0, 0x0)

04:23:49 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:49 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:23:49 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:49 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xfffffff5, 0x0, 0x0)

04:23:49 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
symlink(&(0x7f0000000940)='./file1\x00', &(0x7f0000000980)='./file0/file0\x00')
syz_mount_image$vfat(0x0, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', r1, &(0x7f0000000080)='./file0\x00', 0x2)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file0\x00', 0x2)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000180)=""/246, 0xf6}, {&(0x7f0000000ac0)=""/120, 0x78}, {&(0x7f0000000340)=""/167, 0xa7}, {&(0x7f0000000400)=""/95, 0x5f}, {&(0x7f0000000480)=""/218, 0xda}, {&(0x7f0000000580)=""/234, 0xea}, {&(0x7f0000000680)=""/166, 0xa6}, {&(0x7f0000000740)=""/116, 0x74}, {&(0x7f00000007c0)=""/114, 0x72}], 0x9, &(0x7f00000009c0)=""/206, 0xce}, 0x10002)

04:23:49 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:23:49 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)={0x20, 0x1d, 0x10, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@dev}]}]}, 0x20}}, 0x0)
sendfile(r0, r0, &(0x7f0000000000)=0x3, 0x7ff)

04:23:49 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:23:49 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:23:49 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:24:03 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:03 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:03 executing program 5:
r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38)
fstatfs(0xffffffffffffffff, &(0x7f00000004c0)=""/176)
statx(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x0, 0x200, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r1, r2, 0x1000)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000400), 0x303242, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000040), 0x5, 0x4001c0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000005c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vxcan1\x00'})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000000, 0x110, r3, 0x8000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000002480), 0x800, 0x0)
ioctl$CDROMREADAUDIO(r5, 0x530e, &(0x7f0000000ac0)={@msf, 0x1, 0x1, &(0x7f0000000a80)=""/1})
dup3(0xffffffffffffffff, r5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001d00210c04000000000000000400020008000c0000000000"], 0x1c}}, 0x0)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)={0x108, 0x464, 0x10, 0x70bd2c, 0x25dfdbff, "217bec17379ef7316d36d9b761cbe440d711ef05956f463d5f904553e8eaa139a2ee6e7c74ba17876864378b378359489c3a5f8671559f16e555bac1e8395ca1bf003f431d8402cfae3294f4f02785fe14cab52f92dcf43ff8b0204154c921a3cd8f75345715a17ed6e5da793496fc5c87ed39d833f3510614b870dae3ac3ad7fa5fa24bb7d1b5dda13bf466315f9241880d753583b5adfdb5d28cce4524d8e1fdf7fc8a2db825e384f9459e300cec7300ea50cfaa3f3c659b79e081967e3f13ccc17052d1ef567d98ceb720f421065b93743d93f71c6958e9cfb4b5b6a12f1c6fdf910523f7999f8531bf43366ff23eb7059dee1ea901", ["", "", "", "", "", "", "", ""]}, 0x108}, 0x1, 0x0, 0x0, 0x24004041}, 0x4004800)

04:24:03 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x7ffffffff000, 0x0, 0x0)

04:24:03 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:03 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:24:03 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:24:03 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0xf, 0x0, 0x0, 0x0)
r1 = open$dir(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x80086601, &(0x7f0000000080))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, <r2=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000240)=ANY=[@ANYRES64=r2, @ANYBLOB="00040000000000000000008000000000060000000000000001000000000000000000000000000000010000000000000006000000010000000100008000000000000000000000000050050000000000000600000000000000ffff00000000000038000000000000000000000000a1573755914dd36971000000000000ff5a2bc979767e543d733c990000000000"])
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, <r3=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000380)=ANY=[@ANYRES64=r3, @ANYBLOB="000400000000000000000080000000000600000000000000010000000000000000000000000000000100190000000000060000000100000001000080000000000000000000000000d0050000000000000600000000000000ffff00007f96856bc70a70d9ab2ef7b4b6f7d1000000003800000000000000000000119684e3dd0e97cf00020000009fdb3a18e8bdcde052cd730532a58c462718b3f7d10bd0cd6f33073c31dff8943a5da813a3e4efcc0b5d4e2ee7458a6dc95539feae40be4720261ef010de3826ef2ed77bfbd15b15b72033131cc76d88496abd73fa188be54b584ef197415f831e924f53bd422f8416465bc369a9000000000000"])
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, 0x0, <r4=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004af00)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r5=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}, {}, {}, {<r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}], 0x0, "e6a2e51d013042"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, <r11=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000300)=ANY=[@ANYRESOCT=r8, @ANYRESOCT, @ANYRES16, @ANYRESDEC=r6])
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, 0x0, <r12=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004af00)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r13=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {0x0, <r14=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}], 0x0, "e6a2e51d013042"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, <r15=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000180)=ANY=[@ANYRES64=r15, @ANYBLOB="0004000000000000000000800000000006000000000000000100000000000000000000000000000001000000000000000600618e8c99589018c70080000000000000000000000000d0050000000000000600000000000000ffff0000000000003800"/120])
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004f200)={0x1000, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r16=>0x0}], 0x2, "c63c0a7f056a99"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000050200)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r17=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r18=>0x0}], 0x40, "ff2e21d98df40a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051200)={0x81, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {r3, r4}, {}, {r11, r12}, {r15, r16}, {0x0, r18}], 0x20, "5c6391041bda5d"})
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x18000, 0x1)

04:24:03 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x40000000000000, 0x0, 0x0)

04:24:03 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:24:03 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0)

04:24:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
tee(r0, 0xffffffffffffffff, 0x6, 0x5)
r3 = pidfd_getfd(0xffffffffffffffff, r1, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000000180)={0x7fff, 0x28, '\x00', 0x1, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000240)={0x0, 0x0, {0x0, 0x0, 0xffffffff}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r4, 0x40047211, &(0x7f00000001c0))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x4890}, 0x4800)
readv(0xffffffffffffffff, 0x0, 0x0)
unshare(0x48020200)
sendfile(r3, r4, &(0x7f0000000000)=0x7fffffff, 0x1000000000000000)
unshare(0x20000)

04:24:16 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:16 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:16 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:16 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

04:24:16 executing program 2:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3875, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
dup3(r0, r4, 0x0)
syz_open_dev$mouse(&(0x7f0000000300), 0x1, 0x220001)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x2007, @fd, 0x0, 0x0, 0x0, 0x1}, 0x80000001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r9, &(0x7f0000000080)={0x40000005})

04:24:16 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

[ 1063.748655] FAULT_INJECTION: forcing a failure.
[ 1063.748655] name failslab, interval 1, probability 0, space 0, times 0
[ 1063.750047] CPU: 1 PID: 7630 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1063.750808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1063.751732] Call Trace:
[ 1063.752040]  dump_stack+0x107/0x167
[ 1063.752472]  should_fail.cold+0x5/0xa
[ 1063.752909]  should_failslab+0x5/0x20
[ 1063.753340]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1063.753846]  io_submit_sqes+0x6f76/0x85c0
[ 1063.754313]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1063.754863]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1063.755421]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1063.755970]  ? lock_downgrade+0x6d0/0x6d0
[ 1063.756448]  ? find_held_lock+0x2c/0x110
[ 1063.756913]  ? io_submit_sqes+0x85c0/0x85c0
[ 1063.757404]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1063.757941]  ? wait_for_completion_io+0x270/0x270
[ 1063.758492]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1063.759008]  ? vfs_write+0x354/0xa70
[ 1063.759453]  ? fput_many+0x2f/0x1a0
[ 1063.759882]  ? ksys_write+0x1a9/0x260
[ 1063.760355]  ? __ia32_sys_read+0xb0/0xb0
[ 1063.760815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1063.761431]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1063.762043]  do_syscall_64+0x33/0x40
[ 1063.762474]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1063.763073] RIP: 0033:0x7f06e6057b19
[ 1063.763497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1063.765638] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1063.766480] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1063.767310] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1063.768085] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1063.768923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1063.769697] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:24:16 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:16 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

04:24:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xf0ffffff7f0000, 0x0, 0x0)

[ 1063.967033] FAULT_INJECTION: forcing a failure.
[ 1063.967033] name failslab, interval 1, probability 0, space 0, times 0
[ 1063.970788] CPU: 0 PID: 7647 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1063.972266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1063.974032] Call Trace:
[ 1063.974587]  dump_stack+0x107/0x167
[ 1063.975367]  should_fail.cold+0x5/0xa
[ 1063.976173]  ? create_object.isra.0+0x3a/0xa20
[ 1063.977165]  should_failslab+0x5/0x20
[ 1063.977979]  kmem_cache_alloc+0x5b/0x310
[ 1063.978841]  create_object.isra.0+0x3a/0xa20
[ 1063.979772]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1063.980864]  kmem_cache_alloc_bulk+0x168/0x320
[ 1063.981813]  io_submit_sqes+0x6f76/0x85c0
[ 1063.982677]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1063.983706]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1063.984758]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1063.985770]  ? lock_downgrade+0x6d0/0x6d0
[ 1063.986639]  ? find_held_lock+0x2c/0x110
[ 1063.987488]  ? io_submit_sqes+0x85c0/0x85c0
[ 1063.988416]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1063.989444]  ? wait_for_completion_io+0x270/0x270
[ 1063.990439]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1063.991392]  ? vfs_write+0x354/0xa70
[ 1063.992168]  ? fput_many+0x2f/0x1a0
[ 1063.992933]  ? ksys_write+0x1a9/0x260
[ 1063.993722]  ? __ia32_sys_read+0xb0/0xb0
[ 1063.994572]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1063.995656]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1063.996763]  do_syscall_64+0x33/0x40
[ 1063.997524]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1063.998577] RIP: 0033:0x7f06e6057b19
[ 1063.999350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1064.003130] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1064.004705] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1064.006167] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1064.007638] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1064.009139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1064.010631] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:24:31 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

04:24:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f0000000140)='.pending_reads\x00', 0x0, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
close(0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x3)
signalfd(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(r1, &(0x7f0000000100)='./file0/file0\x00', 0x400002, 0x0)
lseek(r1, 0x0, 0x2)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/icmp\x00')
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="7f454c46fb010502030000000000000003000300be00000030010000000000004000000000000000b6010000000000000300000080003800010000040080ff0f0200000009000000dd00000000000000070000000000000081ffffffffffffff060000000000000007000000000000000800000000000000e4c442de78c86e3d1900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffdf00"/897], 0x381)
preadv(r2, &(0x7f0000000440)=[{&(0x7f0000000040)=""/67, 0x43}], 0x1, 0x48, 0x0)
r3 = syz_open_pts(r2, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r3, 0xf50f, 0x0)
finit_module(r2, &(0x7f00000000c0)=']\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128)
copy_file_range(r4, 0x0, r1, 0x0, 0x200f5ef, 0x0)

04:24:31 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

04:24:31 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:31 executing program 5:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8}, 0x11010, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x0, 0x3)
pkey_alloc(0x0, 0x0)
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)
pkey_alloc(0x0, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4)
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x20, @loopback}, 0x1c)
get_mempolicy(&(0x7f0000000140), &(0x7f0000000180), 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x3)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendfile(r1, r0, 0x0, 0x9bbb)
clone3(&(0x7f00000003c0)={0x8040100, &(0x7f0000000100)=<r2=>0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000240), {0x3b}, &(0x7f0000000280)=""/176, 0xb0, &(0x7f00000006c0)=""/42, &(0x7f0000000380)=[0xffffffffffffffff], 0x1, {r0}}, 0x58)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000440)=ANY=[@ANYBLOB="08ba695763cc7d8c1ab7cda197d0f7000000ff0100ac5b7de00047ffffffffffffff04000000aebf00000300000020000000090000000000000001000000000000000500000011000000000000000022d14b734e4e0e000000000000000000000008040000000000000000000000000000080000000000000000000000000a000000000000000000008418000000000000000000000000000000020000000000000600000000000000900000cf00000000000000000000000000001e000000000000822600656c37b163173449c86fca82110e6c37f5c1b17b00004000080000000000d9ebbc66a602000000d9529e5c7b9446414a6d0bc60750dc5236886beca3cb63dc79d401d43692927d39a8aa5dc4fb96f5717982dac2bd0afd09e11c39af2f3f70a79bceb4eaebedf575a5f6550d1af6d120375a0626a2df80fa5125f41af709db87bac7c4a1a033a5e970e13483acc6be441dfeedc417257368a9f3a1b2bf69e5f3e1856918c65e6adfc23756efbd15b9823cd9d6e5e682c0434147d02546051e1c0c034f939a4c46ba7c080cc5cf99eee7657e47c8e9db43d1a865d54bf79c33b1ae47af61d65811d595114f3d328b375f99aa1d883164a512e520b4fb73850abb20cb4693b1a4ea1116193fe59b392a17d0e59f869bd35019f9b0de82c2bb8b68cff7709a8c36be7557ffc2f97b247f859bc85508000000fcd275320c02ee4d72b3e1d5bea7c5b5c1e7f0ba518df327f1f19fb4d222fc8d008423c2062ce09d6c194a06471a25cf33257102eeb6f326ec2a668976ba900a092e1d5a00"/592])
mmap$usbmon(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x0, 0x13, 0xffffffffffffffff, 0x0)

04:24:31 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:31 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:31 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0)

[ 1078.777779] FAULT_INJECTION: forcing a failure.
[ 1078.777779] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.780566] CPU: 1 PID: 7667 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1078.781954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1078.783605] Call Trace:
[ 1078.784134]  dump_stack+0x107/0x167
[ 1078.784880]  should_fail.cold+0x5/0xa
[ 1078.785657]  ? create_object.isra.0+0x3a/0xa20
[ 1078.786580]  should_failslab+0x5/0x20
[ 1078.787356]  kmem_cache_alloc+0x5b/0x310
[ 1078.788182]  ? mark_held_locks+0x9e/0xe0
[ 1078.789023]  create_object.isra.0+0x3a/0xa20
[ 1078.789916]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1078.790948]  kmem_cache_alloc_bulk+0x168/0x320
[ 1078.791874]  io_submit_sqes+0x6f76/0x85c0
[ 1078.792730]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1078.793732]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1078.794737]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1078.795759]  ? lock_downgrade+0x6d0/0x6d0
[ 1078.796620]  ? find_held_lock+0x2c/0x110
[ 1078.797450]  ? io_submit_sqes+0x85c0/0x85c0
[ 1078.798342]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1078.799316]  ? wait_for_completion_io+0x270/0x270
[ 1078.800311]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1078.801267]  ? vfs_write+0x354/0xa70
[ 1078.802045]  ? fput_many+0x2f/0x1a0
[ 1078.802814]  ? ksys_write+0x1a9/0x260
[ 1078.803607]  ? __ia32_sys_read+0xb0/0xb0
[ 1078.804473]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1078.805537]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1078.806579]  do_syscall_64+0x33/0x40
[ 1078.807329]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1078.808448] RIP: 0033:0x7f06e6057b19
[ 1078.809192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1078.812838] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1078.814343] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1078.815755] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1078.817187] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1078.818596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.820011] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1078.832091] FAULT_INJECTION: forcing a failure.
[ 1078.832091] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.834769] CPU: 1 PID: 7670 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1078.836181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1078.837852] Call Trace:
[ 1078.838383]  dump_stack+0x107/0x167
[ 1078.839122]  should_fail.cold+0x5/0xa
[ 1078.839913]  should_failslab+0x5/0x20
[ 1078.840707]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1078.841607]  io_submit_sqes+0x6f76/0x85c0
04:24:31 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xa1ffffffffffffff, 0x0, 0x0)

[ 1078.842439]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1078.843629]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1078.844645]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1078.845605]  ? lock_downgrade+0x6d0/0x6d0
[ 1078.846422]  ? find_held_lock+0x2c/0x110
[ 1078.847226]  ? io_submit_sqes+0x85c0/0x85c0
[ 1078.848089]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1078.849053]  ? wait_for_completion_io+0x270/0x270
[ 1078.850017]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1078.850940]  ? vfs_write+0x354/0xa70
[ 1078.851680]  ? fput_many+0x2f/0x1a0
[ 1078.852409]  ? ksys_write+0x1a9/0x260
[ 1078.853172]  ? __ia32_sys_read+0xb0/0xb0
[ 1078.853983]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1078.855019]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1078.856056]  do_syscall_64+0x33/0x40
[ 1078.856817]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1078.857836] RIP: 0033:0x7f79e8f8cb19
[ 1078.858577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1078.862227] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1078.863758] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1078.865167] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1078.866573] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1078.867975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.869400] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:24:31 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:31 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

04:24:31 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:31 executing program 2:
ftruncate(0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x0)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="0100001101a83814f146de26", @ANYRES32=r0])
lstat(&(0x7f00000002c0)='./file1\x00', 0x0)
write(r0, &(0x7f0000000540), 0x0)
mount$9p_tcp(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', &(0x7f0000000340), 0x100c5, &(0x7f0000000380)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@uname={'uname', 0x3d, '{'}}], [{@obj_type={'obj_type', 0x3d, '{{^$'}}, {@uid_gt={'uid>', r1}}, {@euid_lt={'euid<', r1}}, {@hash}, {@permit_directio}, {@appraise}, {@appraise}, {@obj_type={'obj_type', 0x3d, '@&[&'}}]}})
copy_file_range(0xffffffffffffffff, 0x0, r0, &(0x7f00000004c0)=0x9, 0x3, 0x0)
syz_open_dev$vcsn(&(0x7f0000000440), 0x6, 0x0)
syz_open_dev$vcsn(0x0, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000600)='./file1/file0\x00', 0x101)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000740)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x800, 0x40)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_config_ext, 0x106, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000001d07000c00000000000000000400020008000c0000000000593189a5d4498e4ad77ed3fd25ea1479740f85234905908e7cc8b4188e2d989172f7"], 0x1c}}, 0x0)

04:24:31 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

04:24:31 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xf5ffffffffffffff, 0x0, 0x0)

04:24:32 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1079.077108] FAULT_INJECTION: forcing a failure.
[ 1079.077108] name failslab, interval 1, probability 0, space 0, times 0
[ 1079.079506] CPU: 0 PID: 7692 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1079.080587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1079.081883] Call Trace:
[ 1079.082302]  dump_stack+0x107/0x167
[ 1079.082875]  should_fail.cold+0x5/0xa
[ 1079.083474]  ? create_object.isra.0+0x3a/0xa20
[ 1079.084196]  should_failslab+0x5/0x20
[ 1079.084808]  kmem_cache_alloc+0x5b/0x310
[ 1079.085447]  ? mark_held_locks+0x9e/0xe0
[ 1079.086088]  create_object.isra.0+0x3a/0xa20
[ 1079.086782]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1079.087613]  kmem_cache_alloc_bulk+0x168/0x320
[ 1079.088347]  io_submit_sqes+0x6f76/0x85c0
[ 1079.089011]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1079.089797]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1079.090620]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1079.091412]  ? lock_downgrade+0x6d0/0x6d0
[ 1079.092071]  ? find_held_lock+0x2c/0x110
[ 1079.092728]  ? io_submit_sqes+0x85c0/0x85c0
[ 1079.093444]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1079.094240]  ? wait_for_completion_io+0x270/0x270
[ 1079.095031]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1079.095773]  ? vfs_write+0x354/0xa70
[ 1079.096368]  ? fput_many+0x2f/0x1a0
[ 1079.096975]  ? ksys_write+0x1a9/0x260
[ 1079.097586]  ? __ia32_sys_read+0xb0/0xb0
[ 1079.098272]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1079.099148]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1079.100035]  do_syscall_64+0x33/0x40
[ 1079.100629]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1079.101505] RIP: 0033:0x7f06e6057b19
[ 1079.101731] FAULT_INJECTION: forcing a failure.
[ 1079.101731] name failslab, interval 1, probability 0, space 0, times 0
[ 1079.102093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1079.102103] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1079.108338] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1079.109513] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1079.110669] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1079.111819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1079.112983] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1079.114190] CPU: 1 PID: 7699 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1079.115495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1079.117069] Call Trace:
[ 1079.117538]  dump_stack+0x107/0x167
[ 1079.118191]  should_fail.cold+0x5/0xa
[ 1079.118870]  ? create_object.isra.0+0x3a/0xa20
[ 1079.119690]  should_failslab+0x5/0x20
[ 1079.120371]  kmem_cache_alloc+0x5b/0x310
[ 1079.121102]  create_object.isra.0+0x3a/0xa20
[ 1079.121880]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1079.122790]  kmem_cache_alloc_bulk+0x168/0x320
[ 1079.123612]  io_submit_sqes+0x6f76/0x85c0
[ 1079.124369]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1079.125243]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1079.126123]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1079.126976]  ? lock_downgrade+0x6d0/0x6d0
[ 1079.127725]  ? find_held_lock+0x2c/0x110
[ 1079.128490]  ? io_submit_sqes+0x85c0/0x85c0
[ 1079.129259]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1079.130120]  ? wait_for_completion_io+0x270/0x270
[ 1079.130992]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1079.131826]  ? vfs_write+0x354/0xa70
[ 1079.132506]  ? fput_many+0x2f/0x1a0
[ 1079.133150]  ? ksys_write+0x1a9/0x260
[ 1079.133850]  ? __ia32_sys_read+0xb0/0xb0
[ 1079.134584]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1079.135510]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1079.136442]  do_syscall_64+0x33/0x40
[ 1079.137102]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1079.137965] RIP: 0033:0x7f79e8f8cb19
[ 1079.138614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1079.141725] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1079.143018] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1079.144211] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1079.145425] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1079.146688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1079.147954] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:24:32 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
pread64(r0, &(0x7f0000000040)=""/4098, 0x20001042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r1, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000010c0), 0x4)

04:24:32 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:32 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xffffffffffffffa1, 0x0, 0x0)

04:24:32 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x40000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40005, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_WRITE={0x17, 0x5, 0x2007, @fd_index=0x3, 0xe30, &(0x7f00000001c0)}, 0x3)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r4)
write(r3, &(0x7f0000000240)="01", 0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10000}, 0x5)
creat(&(0x7f00000002c0)='./file0/file0\x00', 0x56)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000001, 0x10, r1, 0x0)
syz_io_uring_complete(r5)
write$P9_RREADLINK(r0, &(0x7f0000000140)=ANY=[], 0x10)
sendfile(r0, r2, 0x0, 0x20d315)

04:24:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xfffffffffffffff5, 0x0, 0x0)

04:24:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

04:24:44 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r2 = signalfd(r1, &(0x7f0000000480), 0x8)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000004c0)={0x9000000a})
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_mount_image$nfs4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x240, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e24, 0x3, @loopback, 0x4}, 0x1c)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x17}, 0x3}, 0x1c)
listen(r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ppoll(&(0x7f0000000240)=[{r3}, {r4, 0x82}, {r0, 0x8109}, {0xffffffffffffffff, 0x4}, {r0, 0x10090}], 0x5, &(0x7f00000002c0), &(0x7f0000000440)={[0xb9]}, 0x8)
recvfrom$inet6(r1, &(0x7f0000000340)=""/237, 0xed, 0x40, &(0x7f0000000500)={0xa, 0x4e21, 0x2a38, @mcast1, 0x8001}, 0x1c)
clone3(&(0x7f0000000080)={0x1040900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_open_procfs(0x0, &(0x7f0000000200)='net/nfsfs\x00')
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x10})

04:24:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

[ 1091.678620] FAULT_INJECTION: forcing a failure.
[ 1091.678620] name failslab, interval 1, probability 0, space 0, times 0
[ 1091.681206] CPU: 1 PID: 7736 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1091.682601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1091.684375] Call Trace:
[ 1091.684955]  dump_stack+0x107/0x167
[ 1091.685729]  should_fail.cold+0x5/0xa
[ 1091.686534]  ? create_object.isra.0+0x3a/0xa20
[ 1091.687528]  should_failslab+0x5/0x20
[ 1091.688316]  kmem_cache_alloc+0x5b/0x310
[ 1091.689170]  ? mark_held_locks+0x9e/0xe0
[ 1091.690006]  create_object.isra.0+0x3a/0xa20
[ 1091.690918]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1091.692036]  kmem_cache_alloc_bulk+0x168/0x320
[ 1091.692969]  io_submit_sqes+0x6f76/0x85c0
[ 1091.693813]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1091.694764]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.695785]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.696793]  ? lock_downgrade+0x6d0/0x6d0
[ 1091.697646]  ? find_held_lock+0x2c/0x110
[ 1091.698493]  ? io_submit_sqes+0x85c0/0x85c0
[ 1091.699394]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1091.700393]  ? wait_for_completion_io+0x270/0x270
[ 1091.701427]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1091.702378]  ? vfs_write+0x354/0xa70
[ 1091.703148]  ? fput_many+0x2f/0x1a0
[ 1091.703893]  ? ksys_write+0x1a9/0x260
[ 1091.704676]  ? __ia32_sys_read+0xb0/0xb0
[ 1091.705515]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1091.706579]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1091.707635]  do_syscall_64+0x33/0x40
[ 1091.708394]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1091.709451] RIP: 0033:0x7f06e6057b19
[ 1091.710217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1091.714000] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1091.715569] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1091.717031] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1091.718487] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1091.719937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1091.721401] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1091.760482] FAULT_INJECTION: forcing a failure.
[ 1091.760482] name failslab, interval 1, probability 0, space 0, times 0
[ 1091.762482] CPU: 0 PID: 7743 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1091.763439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1091.764615] Call Trace:
[ 1091.764990]  dump_stack+0x107/0x167
[ 1091.765519]  should_fail.cold+0x5/0xa
[ 1091.766081]  ? create_object.isra.0+0x3a/0xa20
[ 1091.766716]  should_failslab+0x5/0x20
[ 1091.767254]  kmem_cache_alloc+0x5b/0x310
[ 1091.767826]  ? mark_held_locks+0x9e/0xe0
[ 1091.768412]  create_object.isra.0+0x3a/0xa20
[ 1091.769046]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1091.769775]  kmem_cache_alloc_bulk+0x168/0x320
[ 1091.770423]  io_submit_sqes+0x6f76/0x85c0
[ 1091.771020]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1091.771718]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.772417]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.773102]  ? lock_downgrade+0x6d0/0x6d0
[ 1091.773681]  ? find_held_lock+0x2c/0x110
[ 1091.774271]  ? io_submit_sqes+0x85c0/0x85c0
[ 1091.774901]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1091.775592]  ? wait_for_completion_io+0x270/0x270
[ 1091.776278]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1091.776957]  ? vfs_write+0x354/0xa70
[ 1091.777489]  ? fput_many+0x2f/0x1a0
[ 1091.778043]  ? ksys_write+0x1a9/0x260
[ 1091.778587]  ? __ia32_sys_read+0xb0/0xb0
[ 1091.779176]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1091.779929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1091.780685]  do_syscall_64+0x33/0x40
[ 1091.781216]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1091.781959] RIP: 0033:0x7f79e8f8cb19
[ 1091.782497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1091.785148] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1091.786217] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1091.787265] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1091.788279] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1091.789319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1091.790332] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:24:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_io_uring_setup(0x5c49, &(0x7f0000000240)={0x0, 0x1697, 0x23, 0x0, 0x27b}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000300))
ioctl$sock_bt_hci(r4, 0x400448e7, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000080)={0x0, r4, 0x2, 0x5, 0x4, 0x1})
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
fallocate(r1, 0x0, 0x10001, 0x0)
write(0xffffffffffffffff, &(0x7f0000000180)="4c4ac5535b41197f579ff5284c7c62c3c216c1809f0efb59a1c16612c9404c88627341c5bc65da58b2", 0x29)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f000005eb40)={{0x0, 0x6912, 0x4, 0x3, 0x400, 0x100, 0x2, 0x9, 0x0, 0x0, 0x3, 0x6, 0x0, 0xff, 0x9}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f000005fb40)={0x4, [], 0x0, "83da7ce32c2bd4"})
setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000140)=0x4, 0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2})

[ 1091.815442] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
04:24:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xffffffffffffffff, 0x0, 0x0)

04:24:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

04:24:44 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1091.934926] FAULT_INJECTION: forcing a failure.
[ 1091.934926] name failslab, interval 1, probability 0, space 0, times 0
[ 1091.936686] CPU: 0 PID: 7760 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1091.937583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1091.938652] Call Trace:
[ 1091.938988]  dump_stack+0x107/0x167
[ 1091.939469]  should_fail.cold+0x5/0xa
[ 1091.939960]  ? create_object.isra.0+0x3a/0xa20
[ 1091.940568]  should_failslab+0x5/0x20
[ 1091.941061]  kmem_cache_alloc+0x5b/0x310
[ 1091.941592]  ? mark_held_locks+0x9e/0xe0
[ 1091.942121]  create_object.isra.0+0x3a/0xa20
[ 1091.942690]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1091.943335]  kmem_cache_alloc_bulk+0x168/0x320
[ 1091.943949]  io_submit_sqes+0x6f76/0x85c0
[ 1091.944505]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1091.945171]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.945831]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1091.946474]  ? lock_downgrade+0x6d0/0x6d0
[ 1091.947020]  ? find_held_lock+0x2c/0x110
[ 1091.947558]  ? io_submit_sqes+0x85c0/0x85c0
[ 1091.948137]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1091.948792]  ? wait_for_completion_io+0x270/0x270
[ 1091.949444]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1091.950060]  ? vfs_write+0x354/0xa70
[ 1091.950555]  ? fput_many+0x2f/0x1a0
[ 1091.951035]  ? ksys_write+0x1a9/0x260
[ 1091.951538]  ? __ia32_sys_read+0xb0/0xb0
[ 1091.952069]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1091.952793]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1091.953482]  do_syscall_64+0x33/0x40
[ 1091.953985]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1091.954660] RIP: 0033:0x7f06e6057b19
[ 1091.955126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1091.957604] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1091.958602] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1091.959532] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1091.960485] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1091.961440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1091.962335] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:24:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xa1)

04:24:44 executing program 5:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000480)={&(0x7f00000006c0)={0x11c, r0, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x8d, 0x5b, "ba38ed850ea58de81c7def760f2cdba1eaa197522f5ac73896570842ce86fc8f2ef67025a28704bd05f1dc090e8c4be57c892a056ee01b09b8bb6106447aeaaefb1373f88a24c36c3e9d5be9bd01000080000000005ed04bb0889016a2f2429bcb0cda4a8cdc90c4ff4fd8e755ac6f0582c9a0a45e6c8e7ebe5323da70e86dd3cf4251a7596968ee60"}, @NL80211_ATTR_FRAME_MATCH={0x65, 0x5b, "eaf571b34d95ebcea0b75bf150014833ea201392ad088fc7bf782a8f116697bfc5be10efbc0cebac35594f9c89595c65e2a05009f0697d2b574f94943063a01e2f28bb95572c4390c12218b2754460f176f619c3875c081edd621f8c7aafbe1e00"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8}]}, 0x11c}, 0x1, 0x0, 0x0, 0x810}, 0x40001)
msgget$private(0x0, 0x8c)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r2)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000340)={0x0, 0x74, &(0x7f0000000300)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x0, 0x0, {{0x7e}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000500)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x1}, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$bt_hci(r5, 0x0, 0x2, &(0x7f0000000100)=""/215, &(0x7f0000000200)=0xd7)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x44}, 0x9030, 0xd0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r1, &(0x7f0000004d00), 0x2f, 0x0)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000380)=""/231, 0xe7, 0x10001, &(0x7f0000000040)={0xa, 0x4e23, 0x4, @loopback, 0x2}, 0x1c)

04:24:45 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

04:24:45 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

04:24:45 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf5)

[ 1092.125975] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1092.216649] FAULT_INJECTION: forcing a failure.
[ 1092.216649] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.219513] CPU: 1 PID: 7775 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1092.220926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1092.222641] Call Trace:
[ 1092.223194]  dump_stack+0x107/0x167
[ 1092.223949]  should_fail.cold+0x5/0xa
[ 1092.224741]  ? create_object.isra.0+0x3a/0xa20
[ 1092.225685]  ? create_object.isra.0+0x3a/0xa20
[ 1092.226637]  should_failslab+0x5/0x20
[ 1092.227427]  kmem_cache_alloc+0x5b/0x310
[ 1092.228267]  ? mark_held_locks+0x9e/0xe0
[ 1092.229128]  create_object.isra.0+0x3a/0xa20
[ 1092.230019]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1092.231079]  kmem_cache_alloc_bulk+0x168/0x320
[ 1092.232013]  io_submit_sqes+0x6f76/0x85c0
[ 1092.232895]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1092.233899]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1092.234932]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1092.235930]  ? lock_downgrade+0x6d0/0x6d0
[ 1092.236799]  ? find_held_lock+0x2c/0x110
[ 1092.237632]  ? io_submit_sqes+0x85c0/0x85c0
[ 1092.238540]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1092.239533]  ? wait_for_completion_io+0x270/0x270
[ 1092.240541]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1092.241500]  ? vfs_write+0x354/0xa70
[ 1092.242258]  ? fput_many+0x2f/0x1a0
[ 1092.242998]  ? ksys_write+0x1a9/0x260
[ 1092.243777]  ? __ia32_sys_read+0xb0/0xb0
[ 1092.244612]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1092.245673]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1092.246753]  do_syscall_64+0x33/0x40
[ 1092.247511]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1092.248585] RIP: 0033:0x7f06e6057b19
[ 1092.249346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1092.253136] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1092.254683] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1092.256140] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1092.257605] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1092.259052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.260498] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1092.265331] FAULT_INJECTION: forcing a failure.
[ 1092.265331] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.267723] CPU: 1 PID: 7777 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1092.269133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1092.270816] Call Trace:
[ 1092.271367]  dump_stack+0x107/0x167
[ 1092.272127]  should_fail.cold+0x5/0xa
[ 1092.272914]  ? create_object.isra.0+0x3a/0xa20
[ 1092.273866]  should_failslab+0x5/0x20
[ 1092.274647]  kmem_cache_alloc+0x5b/0x310
[ 1092.275487]  ? mark_held_locks+0x9e/0xe0
[ 1092.275800] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1092.276325]  create_object.isra.0+0x3a/0xa20
[ 1092.276346]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1092.276373]  kmem_cache_alloc_bulk+0x168/0x320
[ 1092.276399]  io_submit_sqes+0x6f76/0x85c0
[ 1092.281890]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1092.282908]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1092.283932]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1092.284930]  ? lock_downgrade+0x6d0/0x6d0
[ 1092.285779]  ? find_held_lock+0x2c/0x110
[ 1092.286625]  ? io_submit_sqes+0x85c0/0x85c0
[ 1092.287518]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1092.288508]  ? wait_for_completion_io+0x270/0x270
[ 1092.289513]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1092.290465]  ? vfs_write+0x354/0xa70
[ 1092.291233]  ? fput_many+0x2f/0x1a0
[ 1092.291975]  ? ksys_write+0x1a9/0x260
[ 1092.292771]  ? __ia32_sys_read+0xb0/0xb0
[ 1092.293608]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1092.294682]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1092.295751]  do_syscall_64+0x33/0x40
[ 1092.296510]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1092.297578] RIP: 0033:0x7f79e8f8cb19
[ 1092.298348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1092.302123] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1092.303701] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1092.305168] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1092.306630] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1092.308079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.309554] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:24:58 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

04:24:58 executing program 5:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0xffffffffffffffff)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r1, 0x0, 0x0)
syncfs(0xffffffffffffffff)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000180)=0x3, 0x4)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='sessionid\x00')
pread64(r2, 0x0, 0xfffffffffffffdda, 0x0)
ioctl$RTC_ALM_SET(r2, 0x40247007, &(0x7f0000000100)={0x38, 0x22, 0x0, 0x0, 0x8, 0xc, 0x2, 0x95, 0x1})
r3 = memfd_create(&(0x7f00000002c0)='sessionid\x00', 0x1)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r3, 0x4008941a, &(0x7f0000000300))
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r4, 0x0, 0x0, 0x8000)
write$9p(0xffffffffffffffff, &(0x7f00000000c0)="0fb865562069ab2f32beb83e263962827b00d7d8b791e504b65c5ed26e6688d67a9796c1aedca0de65d21b4796fd1b3df0ccedf9739e29f6b965de85433255da7945b7a842ba5fa3dbe88cd26fc9b1b807bc2d59e5a9f2c2bdaccdb839190141ba0151232669cb02b3b076251c024d73f501a54d959dac7cdb3fc324ab47f2a3e1ef12691eac5cab96860e948e", 0x8d)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x1002}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
syncfs(r5)

04:24:58 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:24:58 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000)

04:24:58 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:58 executing program 2:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x6)
socket$inet(0x2, 0xa, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@ieee802154, 0x80)
getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, 0x0, &(0x7f0000000540))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)=ANY=[@ANYBLOB="037c454408014000000100002b80b85900", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='./file0\x00'])
dup3(0xffffffffffffffff, r0, 0x80000)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
readv(r1, &(0x7f00000006c0), 0x0)
ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000180))
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r2, &(0x7f0000000000), 0x1b4000)
r3 = dup(0xffffffffffffffff)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x0, 0x0, 0x8, 0x5, 0x169, &(0x7f0000000740)="b28a1043cfff72bc0cd38f669536d92a76717adb92da1191cbc52dbc3dd6e8aa122146e28d41e01be933cb043663d49cc4ba1b51f9a0cdfc27b2dae14d3083221976d7a854cf0f532616024dd86445978c7506ce710af6808d16dd1979b9fa6493a304112925ecc8a4f7ed9f659c4ec98cf8fcc84cdc95337e4f5d441ca6fffb04ed566b74a1f3b2024feb41781c204a0e0387459710c5546e809230453b5068bd2b1a7fad7169e370df46090f41ba47b918149c04f5895032f46d1fc2350a186ae0909037d1657b690a423301fb7608f4dae7d34d00e187aa06ce65d0a4c47ba70667bab860fbe2d144ff78ed5c083b81c6e94284962bd3d9a1f6029a7515f78e766ee0eb5095a48e815a37635689e00c03cb2657e340624636d4e46dc5a186e826fd6ab29a704d08e8007b6d45160be9bf00a3c794f6feb4c6fd8b47a319fb512b388c0d14857bbe0b7bb2b35dd5fb1aab1e8fb596018f8788b00a57f18418900ba2922b3c7a47d25e7e4743ce51dd8807952e12b941b31e3d960c4c8eee280310a60ad2d8d8cd83988f790c3ea30ce88ece57010c52b934f8106ccd87097ce4ec1fad36276056693b0fb52fe0ee87565f1feb7678fd2b19fd331869c0733db2b80f5cb1b0a1fcb63254c23d2673c36d9a7f15fbad121625cd62b0c4b5a87ffd74e6711ab209f70b0c40e498fbfde441c3f27819b82709945f646a0f654de59f0042d78114edca4d003c326594c012fc30c2d2c36ca65a0f26dfb285d1300048ba9007aab3ff65a71e9f71c59133f63f5bbceb3686d05c1a1b9b945ded3d1e672dc334f4fde5557d4dc0991b8f6d614aa92ca3c2c850dd116cb0a70cfae387862aefed8e27520e6316ef4641311bfb8a0be7346c3cce450dff1abc1d2c7863feceea2370f2d42be6e942cd6f202ab3e31e619fab9fd5ff805d7addaa8f61bd82bf362226106079cf3645e9d1131f95f2ebbb90b72da7ee6d4755886e2a45822a5b7049106340a222079d98b5b8890035af805b3846e31f4c137771693d2278b1c306f4b7ee5f1565100edacce400b68284b97e81df0678779e3d8620e964bb0f5c43a0ea839b97e8db6973accaad07feb49d46cc0a651fbfbb1fff686fac2bf38cc1f9a429e70f64525ae0aefcda24da2f8ede088c3aaa6b76846f158a0cdafda716744c3168a2a0199488f06528bfe5517047ca1fd0bef774505a0e3187fcd7b88918f3576ddf5e6ca413fe96daf08a525146d0ce8a994537fb5c0ce3b70422887599cedc8ad62e0d7b870134386222ff72b1b767f189f1e3748a70881b7cde1bab6fb4301b940afb102d3a7f8a7b68a14eebb928a0e80180419dda562cafa1947de6cc3174794ceb8e9957c007cd8ac08a830352165edfb913e926a3e18c10dbb95334101466b8db8d83af0c490a067f1a070009a8940d767ddc62d661e4"})

04:24:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:24:59 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

[ 1106.065631] FAULT_INJECTION: forcing a failure.
[ 1106.065631] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.067457] CPU: 0 PID: 7791 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1106.068274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1106.069283] Call Trace:
[ 1106.069611]  dump_stack+0x107/0x167
[ 1106.070061]  should_fail.cold+0x5/0xa
[ 1106.070527]  ? create_object.isra.0+0x3a/0xa20
[ 1106.071106]  should_failslab+0x5/0x20
[ 1106.071591]  kmem_cache_alloc+0x5b/0x310
[ 1106.072089]  ? mark_held_locks+0x9e/0xe0
[ 1106.072588]  create_object.isra.0+0x3a/0xa20
[ 1106.073135]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1106.073763]  kmem_cache_alloc_bulk+0x168/0x320
[ 1106.074332]  io_submit_sqes+0x6f76/0x85c0
[ 1106.074855]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1106.075422]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.076062]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.076700]  ? lock_downgrade+0x6d0/0x6d0
[ 1106.077230]  ? find_held_lock+0x2c/0x110
[ 1106.077753]  ? io_submit_sqes+0x85c0/0x85c0
[ 1106.078306]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1106.078914]  ? wait_for_completion_io+0x270/0x270
[ 1106.079546]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1106.080138]  ? vfs_write+0x354/0xa70
[ 1106.080627]  ? fput_many+0x2f/0x1a0
[ 1106.081107]  ? ksys_write+0x1a9/0x260
[ 1106.081597]  ? __ia32_sys_read+0xb0/0xb0
[ 1106.082107]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1106.082760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1106.083433]  do_syscall_64+0x33/0x40
[ 1106.083893]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1106.084547] RIP: 0033:0x7f06e6057b19
[ 1106.085023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1106.087374] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1106.088331] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1106.089237] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1106.090302] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1106.091242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.092113] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:24:59 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1106.157136] FAULT_INJECTION: forcing a failure.
[ 1106.157136] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.159154] CPU: 0 PID: 7801 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1106.160012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1106.160972] Call Trace:
[ 1106.161293]  dump_stack+0x107/0x167
[ 1106.161719]  should_fail.cold+0x5/0xa
[ 1106.162156]  ? create_object.isra.0+0x3a/0xa20
[ 1106.162686]  ? create_object.isra.0+0x3a/0xa20
[ 1106.163206]  should_failslab+0x5/0x20
[ 1106.163672]  kmem_cache_alloc+0x5b/0x310
[ 1106.164144]  ? mark_held_locks+0x9e/0xe0
[ 1106.164645]  create_object.isra.0+0x3a/0xa20
[ 1106.165157]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1106.165755]  kmem_cache_alloc_bulk+0x168/0x320
[ 1106.166320]  io_submit_sqes+0x6f76/0x85c0
[ 1106.166829]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1106.167429]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.168019]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.168609]  ? lock_downgrade+0x6d0/0x6d0
[ 1106.169107]  ? find_held_lock+0x2c/0x110
[ 1106.169615]  ? io_submit_sqes+0x85c0/0x85c0
[ 1106.170146]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1106.170738]  ? wait_for_completion_io+0x270/0x270
[ 1106.171330]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1106.171901]  ? vfs_write+0x354/0xa70
[ 1106.172358]  ? fput_many+0x2f/0x1a0
[ 1106.172824]  ? ksys_write+0x1a9/0x260
[ 1106.173289]  ? __ia32_sys_read+0xb0/0xb0
[ 1106.173783]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1106.174422]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1106.175047]  do_syscall_64+0x33/0x40
[ 1106.175498]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1106.176113] RIP: 0033:0x7f79e8f8cb19
[ 1106.176565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1106.178781] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1106.179711] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1106.180559] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1106.181432] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1106.182289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.183140] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:24:59 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x4000)

04:24:59 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:24:59 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

04:24:59 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x8, 0x1002, 0x0, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00')
faccessat(r0, &(0x7f0000000000)='./file1\x00', 0x80)
r2 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0xc1200)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000280), 0x2, &(0x7f0000000780)=ANY=[@ANYBLOB="7472616e2000a21d372766b103646eefe595ace27206bbaa725cde0d0c80089ee21aee747f7da2fb20d9337a561b1291371bf99629d85952", @ANYRESHEX=r3, @ANYBLOB="e480b30897c43b061ba7faa6af1677333e1b51455fd91beb2118ebea3e2169c55cb3ea8194766901c67934cb895b54b944784476c4b307cd2a4821eb6d6f8e931933efc847ee06696d", @ANYRES32=r2, @ANYBLOB="ff0165728b696f6e3d39704a30303d616e792c000000000000000000671109c84d8b6e49f4a9f32edfacc4b9349c17223903fc01d1992da4c74a98e5727b29291a45b6a8c8026acfbab074cc8fbf41d53a7e8341f57bb6190ae1e8ce0e5385a30ddb3dbe4f404005e6894fd4e6384197f6d15b4d5860a6aa12e981e23da173a3953bfd01e2e9ba042c9c66cb16f8ba387ff7249c0da248c76bd2c92d5aafc514eda15615bc630c50277accfd82803e8bf3e094d98be84334dc9289b021cda5e12f407c80f4c11128b5dc8bab2a979bcf52b642b72f22b705ca954b11ce7dee4d9982f8483700"/241])
r5 = openat(r4, 0x0, 0x30140, 0x16)
preadv(r1, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = getpgid(0x0)
rt_tgsigqueueinfo(r6, r6, 0x0, &(0x7f0000000700))
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f0000000600)=0x2)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, 0x0, 0x0)
bind$inet(r7, &(0x7f0000000240)={0x2, 0x5, @private=0xa010100}, 0x10)
io_setup(0x8001, &(0x7f00000190c0))
kcmp$KCMP_EPOLL_TFD(r6, 0x0, 0x7, r5, &(0x7f0000000200)={r1})

[ 1106.357906] FAULT_INJECTION: forcing a failure.
[ 1106.357906] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.360728] CPU: 1 PID: 7822 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1106.362111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1106.363768] Call Trace:
[ 1106.364301]  dump_stack+0x107/0x167
[ 1106.365044]  should_fail.cold+0x5/0xa
[ 1106.365816]  ? create_object.isra.0+0x3a/0xa20
[ 1106.366729]  should_failslab+0x5/0x20
[ 1106.367495]  kmem_cache_alloc+0x5b/0x310
[ 1106.368315]  ? mark_held_locks+0x9e/0xe0
[ 1106.369155]  create_object.isra.0+0x3a/0xa20
[ 1106.370037]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1106.371106]  kmem_cache_alloc_bulk+0x168/0x320
[ 1106.372027]  io_submit_sqes+0x6f76/0x85c0
[ 1106.372878]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1106.373869]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.374867]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1106.375843]  ? lock_downgrade+0x6d0/0x6d0
[ 1106.376671]  ? find_held_lock+0x2c/0x110
[ 1106.377516]  ? io_submit_sqes+0x85c0/0x85c0
[ 1106.378398]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1106.379371]  ? wait_for_completion_io+0x270/0x270
[ 1106.380346]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1106.381293]  ? vfs_write+0x354/0xa70
[ 1106.382041]  ? fput_many+0x2f/0x1a0
[ 1106.382771]  ? ksys_write+0x1a9/0x260
[ 1106.383535]  ? __ia32_sys_read+0xb0/0xb0
[ 1106.384356]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1106.385411]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1106.386451]  do_syscall_64+0x33/0x40
[ 1106.387198]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1106.388220] RIP: 0033:0x7f06e6057b19
[ 1106.389004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1106.392678] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1106.394248] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1106.395679] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1106.397123] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1106.398558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.399986] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:25:15 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:25:15 executing program 5:
r0 = open(&(0x7f0000000000)='./file1\x00', 0x600000, 0x1b2)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}}, 0x0, 0xffffffffffffffff, r0, 0x0)
lseek(r1, 0x0, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x7}}, 0x1c)
fallocate(r1, 0x3, 0x52, 0x6)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080), 0x4)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x5f42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x810, r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet(0xa, 0x3, 0xff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'sit0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400032, r6})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x950)
syz_open_dev$vcsa(&(0x7f0000000840), 0x401, 0x28180)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x7f, 0x9, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xfffffffffffff046, 0x2}, 0x0, 0xc5c1, 0xfc9, 0x2, 0x2, 0x7, 0x0, 0x0, 0x10001, 0x0, 0x5}, 0x0, 0xe, r1, 0xa)
io_uring_enter(0xffffffffffffffff, 0x6747, 0x374f, 0x59a38a85dece0a80, &(0x7f0000000200)={[0x9]}, 0x8)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r7, &(0x7f00000000c0)="041a3a4985d424bdce9675f286982a09f7fe7569cb2c6e71f89e8019678c585aa70cc9e2435235dcb0b3434020d0f4d5613bb8bde96608eaf4af1834720900b040007af6d3edc14cd7ab81c733b614b0835ac6af8173be3b00015a826f2562ae98feb0d40000f80000", 0xff69, 0x3ff03)

04:25:15 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

04:25:15 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xa1ff)

04:25:15 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

04:25:15 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:25:15 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:15 executing program 2:
syz_io_uring_setup(0x3a74, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
pkey_mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x20000, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
fadvise64(r1, 0x1f, 0x401, 0x0)
fallocate(r3, 0x19, 0x9623, 0x3)

[ 1123.027612] FAULT_INJECTION: forcing a failure.
[ 1123.027612] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.030699] CPU: 1 PID: 7839 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1123.032100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1123.033836] Call Trace:
[ 1123.034393]  dump_stack+0x107/0x167
[ 1123.035171]  should_fail.cold+0x5/0xa
[ 1123.035944]  ? create_object.isra.0+0x3a/0xa20
[ 1123.036875]  should_failslab+0x5/0x20
[ 1123.037655]  kmem_cache_alloc+0x5b/0x310
[ 1123.038510]  ? mark_held_locks+0x9e/0xe0
[ 1123.039339]  create_object.isra.0+0x3a/0xa20
[ 1123.040232]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1123.041268]  kmem_cache_alloc_bulk+0x168/0x320
[ 1123.042206]  io_submit_sqes+0x6f76/0x85c0
[ 1123.043051]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1123.044054]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.045077]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.046069]  ? io_submit_sqes+0x85c0/0x85c0
[ 1123.046973]  ? recalibrate_cpu_khz+0x10/0x10
[ 1123.047883]  ? ktime_get+0x158/0x1f0
[ 1123.048648]  ? setup_APIC_eilvt+0x2f0/0x2f0
[ 1123.049537]  ? clockevents_program_event+0x131/0x360
[ 1123.050588]  ? tick_program_event+0xa8/0x140
[ 1123.051478]  ? hrtimer_interrupt+0x771/0x9b0
[ 1123.052387]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1123.053465]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1123.054513]  do_syscall_64+0x33/0x40
[ 1123.055291]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1123.056363] RIP: 0033:0x7f79e8f8cb19
[ 1123.057128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1123.060979] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1123.062583] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1123.064054] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1123.065514] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.066974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1123.068425] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1123.069660] FAULT_INJECTION: forcing a failure.
[ 1123.069660] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.072725] CPU: 0 PID: 7850 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1123.074169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1123.075927] Call Trace:
[ 1123.076472]  dump_stack+0x107/0x167
[ 1123.077250]  should_fail.cold+0x5/0xa
[ 1123.078052]  should_failslab+0x5/0x20
[ 1123.078852]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1123.079784]  io_submit_sqes+0x6f76/0x85c0
[ 1123.080691]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.081755]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.082757]  ? lock_downgrade+0x6d0/0x6d0
[ 1123.083619]  ? find_held_lock+0x2c/0x110
[ 1123.084456]  ? io_submit_sqes+0x85c0/0x85c0
[ 1123.085399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1123.086410]  ? wait_for_completion_io+0x270/0x270
[ 1123.087422]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1123.088383]  ? vfs_write+0x354/0xa70
[ 1123.089178]  ? fput_many+0x2f/0x1a0
[ 1123.089934]  ? ksys_write+0x1a9/0x260
[ 1123.090733]  ? __ia32_sys_read+0xb0/0xb0
[ 1123.091583]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1123.092659]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1123.093747]  do_syscall_64+0x33/0x40
[ 1123.094513]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1123.095573] RIP: 0033:0x7f06e6057b19
[ 1123.096343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1123.100196] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1123.101799] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1123.103420] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1123.104899] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.106383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1123.107846] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:25:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf5ff)

04:25:16 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:25:16 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:16 executing program 2:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x410000, 0x1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

04:25:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffa1)

04:25:16 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

04:25:16 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

04:25:16 executing program 5:
r0 = open(&(0x7f0000000000)='./file1\x00', 0x600000, 0x1b2)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}}, 0x0, 0xffffffffffffffff, r0, 0x0)
lseek(r1, 0x0, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x7}}, 0x1c)
fallocate(r1, 0x3, 0x52, 0x6)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080), 0x4)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x5f42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x810, r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet(0xa, 0x3, 0xff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'sit0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400032, r6})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x950)
syz_open_dev$vcsa(&(0x7f0000000840), 0x401, 0x28180)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x7f, 0x9, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xfffffffffffff046, 0x2}, 0x0, 0xc5c1, 0xfc9, 0x2, 0x2, 0x7, 0x0, 0x0, 0x10001, 0x0, 0x5}, 0x0, 0xe, r1, 0xa)
io_uring_enter(0xffffffffffffffff, 0x6747, 0x374f, 0x59a38a85dece0a80, &(0x7f0000000200)={[0x9]}, 0x8)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r7, &(0x7f00000000c0)="041a3a4985d424bdce9675f286982a09f7fe7569cb2c6e71f89e8019678c585aa70cc9e2435235dcb0b3434020d0f4d5613bb8bde96608eaf4af1834720900b040007af6d3edc14cd7ab81c733b614b0835ac6af8173be3b00015a826f2562ae98feb0d40000f80000", 0xff69, 0x3ff03)

[ 1123.421830] FAULT_INJECTION: forcing a failure.
[ 1123.421830] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.424545] CPU: 0 PID: 7878 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1123.425984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1123.427715] Call Trace:
[ 1123.428273]  dump_stack+0x107/0x167
[ 1123.429043]  should_fail.cold+0x5/0xa
[ 1123.429840]  ? create_object.isra.0+0x3a/0xa20
[ 1123.430799]  should_failslab+0x5/0x20
[ 1123.431601]  kmem_cache_alloc+0x5b/0x310
[ 1123.432458]  create_object.isra.0+0x3a/0xa20
[ 1123.433397]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1123.434469]  kmem_cache_alloc_bulk+0x168/0x320
[ 1123.435419]  io_submit_sqes+0x6f76/0x85c0
[ 1123.436321]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.437384]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.438398]  ? lock_downgrade+0x6d0/0x6d0
[ 1123.439268]  ? find_held_lock+0x2c/0x110
[ 1123.440122]  ? io_submit_sqes+0x85c0/0x85c0
[ 1123.441061]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1123.442099]  ? wait_for_completion_io+0x270/0x270
[ 1123.443110]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1123.444084]  ? vfs_write+0x354/0xa70
[ 1123.444874]  ? fput_many+0x2f/0x1a0
[ 1123.445703]  ? ksys_write+0x1a9/0x260
[ 1123.446533]  ? __ia32_sys_read+0xb0/0xb0
[ 1123.447410]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1123.448503]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1123.449598]  do_syscall_64+0x33/0x40
[ 1123.450374]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1123.451434] RIP: 0033:0x7f06e6057b19
[ 1123.452212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1123.456012] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1123.457606] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1123.459087] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1123.460579] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.462078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1123.463557] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:25:16 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:25:16 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:25:16 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1123.502162] FAULT_INJECTION: forcing a failure.
[ 1123.502162] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.505150] CPU: 0 PID: 7880 Comm: syz-executor.3 Not tainted 5.10.207 #1
04:25:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfff5)

[ 1123.506595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1123.508420] Call Trace:
[ 1123.508982]  dump_stack+0x107/0x167
[ 1123.509763]  should_fail.cold+0x5/0xa
[ 1123.510577]  ? create_object.isra.0+0x3a/0xa20
[ 1123.511555]  should_failslab+0x5/0x20
[ 1123.512358]  kmem_cache_alloc+0x5b/0x310
[ 1123.513224]  ? mark_held_locks+0x9e/0xe0
[ 1123.514083]  create_object.isra.0+0x3a/0xa20
[ 1123.515002]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1123.516069]  kmem_cache_alloc_bulk+0x168/0x320
[ 1123.517048]  io_submit_sqes+0x6f76/0x85c0
[ 1123.517926]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1123.518961]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.520003]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1123.521038]  ? lock_downgrade+0x6d0/0x6d0
[ 1123.521906]  ? find_held_lock+0x2c/0x110
[ 1123.522767]  ? io_submit_sqes+0x85c0/0x85c0
[ 1123.523690]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1123.524713]  ? wait_for_completion_io+0x270/0x270
[ 1123.525758]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1123.526748]  ? vfs_write+0x354/0xa70
[ 1123.527545]  ? fput_many+0x2f/0x1a0
[ 1123.528314]  ? ksys_write+0x1a9/0x260
[ 1123.529128]  ? __ia32_sys_read+0xb0/0xb0
[ 1123.529986]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1123.531081]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1123.532188]  do_syscall_64+0x33/0x40
[ 1123.532987]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1123.534073] RIP: 0033:0x7f79e8f8cb19
[ 1123.534863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1123.538896] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1123.540487] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1123.541979] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1123.543457] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1123.544933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1123.546415] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:25:29 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

04:25:29 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x400000)

04:25:29 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000001840))
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f00000000c0))
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
dup(0xffffffffffffffff)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000140), 0x0, 0x0)
openat(r1, &(0x7f0000000180)='./file0\x00', 0x14200, 0x2e)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
ioctl$CDROM_MEDIA_CHANGED(r1, 0x5325, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80010}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

04:25:29 executing program 5:
r0 = open(&(0x7f0000000000)='./file1\x00', 0x600000, 0x1b2)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}}, 0x0, 0xffffffffffffffff, r0, 0x0)
lseek(r1, 0x0, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x7}}, 0x1c)
fallocate(r1, 0x3, 0x52, 0x6)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080), 0x4)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x5f42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x810, r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet(0xa, 0x3, 0xff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'sit0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400032, r6})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x950)
syz_open_dev$vcsa(&(0x7f0000000840), 0x401, 0x28180)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x7f, 0x9, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xfffffffffffff046, 0x2}, 0x0, 0xc5c1, 0xfc9, 0x2, 0x2, 0x7, 0x0, 0x0, 0x10001, 0x0, 0x5}, 0x0, 0xe, r1, 0xa)
io_uring_enter(0xffffffffffffffff, 0x6747, 0x374f, 0x59a38a85dece0a80, &(0x7f0000000200)={[0x9]}, 0x8)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r7, &(0x7f00000000c0)="041a3a4985d424bdce9675f286982a09f7fe7569cb2c6e71f89e8019678c585aa70cc9e2435235dcb0b3434020d0f4d5613bb8bde96608eaf4af1834720900b040007af6d3edc14cd7ab81c733b614b0835ac6af8173be3b00015a826f2562ae98feb0d40000f80000", 0xff69, 0x3ff03)

04:25:29 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:25:29 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:29 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:25:29 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

[ 1136.604861] FAULT_INJECTION: forcing a failure.
[ 1136.604861] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.606561] CPU: 0 PID: 7902 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1136.607335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1136.608320] Call Trace:
[ 1136.608622]  dump_stack+0x107/0x167
[ 1136.609053]  should_fail.cold+0x5/0xa
[ 1136.609521]  ? create_object.isra.0+0x3a/0xa20
[ 1136.610056]  should_failslab+0x5/0x20
[ 1136.610514]  kmem_cache_alloc+0x5b/0x310
[ 1136.611008]  ? mark_held_locks+0x9e/0xe0
[ 1136.611501]  create_object.isra.0+0x3a/0xa20
[ 1136.612023]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1136.612632]  kmem_cache_alloc_bulk+0x168/0x320
[ 1136.613206]  io_submit_sqes+0x6f76/0x85c0
[ 1136.613718]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.614314]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.614902]  ? lock_downgrade+0x6d0/0x6d0
[ 1136.615422]  ? find_held_lock+0x2c/0x110
[ 1136.615914]  ? io_submit_sqes+0x85c0/0x85c0
[ 1136.616441]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1136.617020]  ? wait_for_completion_io+0x270/0x270
[ 1136.617613]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1136.618172]  ? vfs_write+0x354/0xa70
[ 1136.618619]  ? fput_many+0x2f/0x1a0
[ 1136.619067]  ? ksys_write+0x1a9/0x260
[ 1136.619528]  ? __ia32_sys_read+0xb0/0xb0
[ 1136.620012]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1136.620641]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1136.621266]  do_syscall_64+0x33/0x40
[ 1136.621706]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1136.622310] RIP: 0033:0x7f06e6057b19
[ 1136.622731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1136.624921] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1136.625859] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1136.626710] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1136.627581] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1136.628478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1136.629088] FAULT_INJECTION: forcing a failure.
[ 1136.629088] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.629311] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1136.633543] CPU: 1 PID: 7913 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1136.634925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1136.636627] Call Trace:
[ 1136.637174]  dump_stack+0x107/0x167
[ 1136.637914]  should_fail.cold+0x5/0xa
[ 1136.638686]  ? create_object.isra.0+0x3a/0xa20
[ 1136.639611]  should_failslab+0x5/0x20
[ 1136.640369]  kmem_cache_alloc+0x5b/0x310
[ 1136.641206]  ? mark_held_locks+0x9e/0xe0
[ 1136.642034]  create_object.isra.0+0x3a/0xa20
[ 1136.642933]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1136.643970]  kmem_cache_alloc_bulk+0x168/0x320
[ 1136.644907]  io_submit_sqes+0x6f76/0x85c0
[ 1136.645771]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1136.646786]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.647812]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.648795]  ? lock_downgrade+0x6d0/0x6d0
[ 1136.649643]  ? find_held_lock+0x2c/0x110
[ 1136.650473]  ? io_submit_sqes+0x85c0/0x85c0
[ 1136.651360]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1136.652344]  ? wait_for_completion_io+0x270/0x270
[ 1136.653337]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1136.654280]  ? vfs_write+0x354/0xa70
[ 1136.655042]  ? fput_many+0x2f/0x1a0
[ 1136.655785]  ? ksys_write+0x1a9/0x260
[ 1136.656558]  ? __ia32_sys_read+0xb0/0xb0
[ 1136.657408]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1136.658473]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1136.659531]  do_syscall_64+0x33/0x40
[ 1136.660285]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1136.661336] RIP: 0033:0x7f79e8f8cb19
[ 1136.662095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1136.665854] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1136.667365] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1136.668812] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1136.670268] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1136.671718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1136.673180] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:25:29 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

[ 1136.723080] FAULT_INJECTION: forcing a failure.
[ 1136.723080] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.724738] CPU: 0 PID: 7925 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1136.725534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1136.726436] Call Trace:
[ 1136.726736]  dump_stack+0x107/0x167
[ 1136.727247]  should_fail.cold+0x5/0xa
[ 1136.727263]  ? create_object.isra.0+0x3a/0xa20
[ 1136.727277]  should_failslab+0x5/0x20
[ 1136.727288]  kmem_cache_alloc+0x5b/0x310
[ 1136.727301]  ? mark_held_locks+0x9e/0xe0
04:25:29 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1136.727313]  create_object.isra.0+0x3a/0xa20
04:25:29 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1136.727324]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1136.727337]  kmem_cache_alloc_bulk+0x168/0x320
[ 1136.727354]  io_submit_sqes+0x6f76/0x85c0
[ 1136.727384]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.727394]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1136.727407]  ? lock_downgrade+0x6d0/0x6d0
[ 1136.727415]  ? find_held_lock+0x2c/0x110
[ 1136.727429]  ? io_submit_sqes+0x85c0/0x85c0
04:25:29 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000)

[ 1136.727447]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1136.727460]  ? wait_for_completion_io+0x270/0x270
[ 1136.727473]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1136.727483]  ? vfs_write+0x354/0xa70
[ 1136.727495]  ? fput_many+0x2f/0x1a0
[ 1136.727506]  ? ksys_write+0x1a9/0x260
[ 1136.727517]  ? __ia32_sys_read+0xb0/0xb0
[ 1136.727529]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1136.727539]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1136.727554]  do_syscall_64+0x33/0x40
[ 1136.727564]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1136.727571] RIP: 0033:0x7f06e6057b19
04:25:29 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

[ 1136.727582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:25:29 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1136.727587] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1136.727599] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1136.727605] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1136.727611] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
04:25:29 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1136.727617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1136.727623] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1137.068856] FAULT_INJECTION: forcing a failure.
[ 1137.068856] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1137.070978] CPU: 0 PID: 7936 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1137.071976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1137.073199] Call Trace:
[ 1137.073586]  dump_stack+0x107/0x167
[ 1137.074142]  should_fail.cold+0x5/0xa
[ 1137.074709]  __alloc_pages_nodemask+0x182/0x600
[ 1137.075413]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 1137.076291]  alloc_pages_current+0x187/0x280
[ 1137.076932]  allocate_slab+0x26f/0x380
[ 1137.077510]  ___slab_alloc+0x470/0x700
[ 1137.078076]  ? io_submit_sqes+0x6f76/0x85c0
[ 1137.078719]  ? kmem_cache_alloc_bulk+0x1ec/0x320
[ 1137.079393]  kmem_cache_alloc_bulk+0x1ec/0x320
[ 1137.080063]  io_submit_sqes+0x6f76/0x85c0
[ 1137.080698]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1137.081440]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1137.082155]  ? lock_downgrade+0x6d0/0x6d0
[ 1137.082767]  ? find_held_lock+0x2c/0x110
[ 1137.083349]  ? io_submit_sqes+0x85c0/0x85c0
[ 1137.084002]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1137.084711]  ? wait_for_completion_io+0x270/0x270
[ 1137.085426]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1137.086105]  ? vfs_write+0x354/0xa70
[ 1137.086665]  ? fput_many+0x2f/0x1a0
[ 1137.087205]  ? ksys_write+0x1a9/0x260
[ 1137.087773]  ? __ia32_sys_read+0xb0/0xb0
[ 1137.088384]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1137.089169]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1137.089943]  do_syscall_64+0x33/0x40
[ 1137.090474]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1137.091202] RIP: 0033:0x7f06e6057b19
[ 1137.091740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1137.094435] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1137.095527] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1137.096548] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1137.097574] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1137.098592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1137.099620] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:25:30 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:30 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000)

04:25:43 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:43 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

04:25:43 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xa1ffffff)

04:25:43 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:25:43 executing program 5:
r0 = open(&(0x7f0000000000)='./file1\x00', 0x600000, 0x1b2)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}}, 0x0, 0xffffffffffffffff, r0, 0x0)
lseek(r1, 0x0, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x7}}, 0x1c)
fallocate(r1, 0x3, 0x52, 0x6)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080), 0x4)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x5f42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x810, r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet(0xa, 0x3, 0xff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'sit0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@private0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400032, r6})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x950)
syz_open_dev$vcsa(&(0x7f0000000840), 0x401, 0x28180)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x7f, 0x9, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0xfffffffffffff046, 0x2}, 0x0, 0xc5c1, 0xfc9, 0x2, 0x2, 0x7, 0x0, 0x0, 0x10001, 0x0, 0x5}, 0x0, 0xe, r1, 0xa)
io_uring_enter(0xffffffffffffffff, 0x6747, 0x374f, 0x59a38a85dece0a80, &(0x7f0000000200)={[0x9]}, 0x8)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r7, &(0x7f00000000c0)="041a3a4985d424bdce9675f286982a09f7fe7569cb2c6e71f89e8019678c585aa70cc9e2435235dcb0b3434020d0f4d5613bb8bde96608eaf4af1834720900b040007af6d3edc14cd7ab81c733b614b0835ac6af8173be3b00015a826f2562ae98feb0d40000f80000", 0xff69, 0x3ff03)

04:25:43 executing program 2:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x23, 0x5, 0x6, 0x0, 0xffffffff, 0x64, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x100000000, 0x80}, 0x41002, 0x7ff, 0x4, 0x1, 0x4, 0xfffffffe, 0xb22, 0x0, 0x9, 0x0, 0xf2}, 0x0, 0xa, r1, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x102000, 0x40)
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$binfmt_script(r3, 0x0, 0xb)
pread64(r2, &(0x7f00000003c0)=""/4096, 0x1000, 0x8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x125342, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0xce)
r6 = dup2(r5, r4)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001640), 0x10018c6, &(0x7f0000000340)=ANY=[@ANYBLOB="43e31f68a5cc43ec69aa4806b01906076162f9ffffff7f25790aa0db89f36cf6d04afed91b937e00001233a571b304c38b6d420000000000000000000000000000fcffffff0000000000000000000000000004000000000000", @ANYRES16])
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10009ff}], 0x0, 0x0)
sendfile(r7, r6, 0x0, 0x7ffffff9)

04:25:43 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:25:43 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

[ 1150.998113] FAULT_INJECTION: forcing a failure.
[ 1150.998113] name failslab, interval 1, probability 0, space 0, times 0
[ 1151.000936] CPU: 0 PID: 7958 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1151.002386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1151.004119] Call Trace:
[ 1151.004677]  dump_stack+0x107/0x167
[ 1151.005464]  should_fail.cold+0x5/0xa
[ 1151.006266]  ? create_object.isra.0+0x3a/0xa20
[ 1151.007229]  should_failslab+0x5/0x20
[ 1151.008058]  kmem_cache_alloc+0x5b/0x310
[ 1151.008908]  ? mark_held_locks+0x9e/0xe0
[ 1151.009775]  create_object.isra.0+0x3a/0xa20
[ 1151.010700]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1151.011772]  kmem_cache_alloc_bulk+0x168/0x320
[ 1151.012749]  io_submit_sqes+0x6f76/0x85c0
[ 1151.013656]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1151.014694]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1151.015707]  ? lock_downgrade+0x6d0/0x6d0
[ 1151.016584]  ? find_held_lock+0x2c/0x110
[ 1151.017462]  ? io_submit_sqes+0x85c0/0x85c0
[ 1151.018386]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1151.019410]  ? wait_for_completion_io+0x270/0x270
[ 1151.020423]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1151.020770] FAULT_INJECTION: forcing a failure.
[ 1151.020770] name failslab, interval 1, probability 0, space 0, times 0
[ 1151.021390]  ? vfs_write+0x354/0xa70
[ 1151.021414]  ? fput_many+0x2f/0x1a0
[ 1151.021434]  ? ksys_write+0x1a9/0x260
[ 1151.021453]  ? __ia32_sys_read+0xb0/0xb0
[ 1151.021477]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1151.021494]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1151.021519]  do_syscall_64+0x33/0x40
[ 1151.021536]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1151.021548] RIP: 0033:0x7f06e6057b19
[ 1151.021567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1151.021577] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1151.021598] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1151.021608] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1151.021619] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1151.021629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1151.021640] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1151.045181] CPU: 1 PID: 7970 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1151.046580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1151.048265] Call Trace:
[ 1151.048837]  dump_stack+0x107/0x167
[ 1151.049589]  should_fail.cold+0x5/0xa
[ 1151.050368]  ? create_object.isra.0+0x3a/0xa20
[ 1151.051294]  should_failslab+0x5/0x20
[ 1151.052062]  kmem_cache_alloc+0x5b/0x310
[ 1151.052885]  ? mark_held_locks+0x9e/0xe0
[ 1151.053749]  create_object.isra.0+0x3a/0xa20
[ 1151.054644]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1151.055681]  kmem_cache_alloc_bulk+0x168/0x320
[ 1151.056629]  io_submit_sqes+0x6f76/0x85c0
[ 1151.057505]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1151.058517]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1151.059553]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1151.060553]  ? lock_downgrade+0x6d0/0x6d0
[ 1151.061407]  ? find_held_lock+0x2c/0x110
[ 1151.062255]  ? io_submit_sqes+0x85c0/0x85c0
[ 1151.063153]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1151.064167]  ? wait_for_completion_io+0x270/0x270
[ 1151.065164]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1151.066146]  ? vfs_write+0x354/0xa70
[ 1151.066925]  ? fput_many+0x2f/0x1a0
[ 1151.067678]  ? ksys_write+0x1a9/0x260
[ 1151.068471]  ? __ia32_sys_read+0xb0/0xb0
[ 1151.069332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1151.070423]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1151.071506]  do_syscall_64+0x33/0x40
[ 1151.072283]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1151.073356] RIP: 0033:0x7f79e8f8cb19
[ 1151.074130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1151.077958] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1151.079528] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1151.081007] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1151.081019] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1151.081030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1151.081052] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:25:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf5ffffff)

04:25:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b000000000400053c01e900d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000d0a9da48497c4915a7449265c583aec0ffff40", 0x1f, 0x4e0}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {0x0, 0x0, 0xffffffff00000001}], 0x0, &(0x7f00000000c0)=ANY=[])

[ 1151.415787] EXT4-fs (loop5): failed to open journal device unknown-block(0,0) -6
[ 1151.443003] EXT4-fs (loop5): failed to open journal device unknown-block(0,0) -6
04:25:58 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000180001002cbd7000000000000a000000080000007f00000108001400", @ANYRES32=r0, @ANYBLOB="09c4bff85e9f8b34a1fa87e7a1852da2d32d248c00dcb53110c271a477f3858755a8aff8ddb4ad20161d07a526acb6199cc8c12f252c7e38ee72629720a1a4df0f6c6e8f9b57472474c99187b17781fb9fc2e287eee69bcd26f4562389fd596630edb125957dd841bbfbddb8235c8ca2225dd5b62098161bd31a43cff0b4d46d7b94d99d371b166fb13839"], 0x24}}, 0x0)

04:25:58 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffa1)

04:25:58 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1165.127302] netlink: 'syz-executor.5': attribute type 20 has an invalid length.
04:25:58 executing program 2:
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000580)=ANY=[@ANYBLOB="00fe26f08c717172e91d11fcf1d03e37d0a9cdc5246497e6e9be2a52b04fa488404cabd15439f170e429dd5057d7d5db566fc9e481b1128bce328ef44be2ac02ea82a613a077c2508b07638c2da855795a8523c7986a4979fc9300627bae481812a27b8f03511a4dfbfc96803b89f8efb3de820ef8e9bd306955000037976789cf995521a65b9192b2dde0498242f304269068"], &(0x7f0000000340)=""/106, 0x6a)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xbe66f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x2030}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
recvmmsg(r0, 0x0, 0x0, 0x16060, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1001, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c00000001010300000000004000"/28], 0x1c}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001)
recvmmsg(r1, &(0x7f0000000000), 0x5ac, 0x0, 0x0)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x81, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000140)={0x401})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff)

04:25:58 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

04:25:58 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:25:58 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

04:25:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1165.151954] FAULT_INJECTION: forcing a failure.
[ 1165.151954] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.153574] CPU: 1 PID: 8010 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1165.154298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.155163] Call Trace:
[ 1165.155446]  dump_stack+0x107/0x167
[ 1165.155840]  should_fail.cold+0x5/0xa
[ 1165.156259]  should_failslab+0x5/0x20
[ 1165.156675]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1165.157166]  io_submit_sqes+0x6f76/0x85c0
[ 1165.157655]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.158189]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.158718]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.159166]  ? find_held_lock+0x2c/0x110
[ 1165.159612]  ? io_submit_sqes+0x85c0/0x85c0
[ 1165.160090]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.160619]  ? wait_for_completion_io+0x270/0x270
[ 1165.161139]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.161662]  ? vfs_write+0x354/0xa70
[ 1165.162064]  ? fput_many+0x2f/0x1a0
[ 1165.162452]  ? ksys_write+0x1a9/0x260
[ 1165.162860]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.163304]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.163888]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.164478]  do_syscall_64+0x33/0x40
[ 1165.164901]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1165.165452] RIP: 0033:0x7f79e8f8cb19
[ 1165.165855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.167916] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.168792] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1165.169567] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1165.170369] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.171178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.171942] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1165.178950] FAULT_INJECTION: forcing a failure.
[ 1165.178950] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.180332] CPU: 1 PID: 8007 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1165.181092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.181986] Call Trace:
[ 1165.182274]  dump_stack+0x107/0x167
[ 1165.182665]  should_fail.cold+0x5/0xa
[ 1165.183069]  ? create_object.isra.0+0x3a/0xa20
[ 1165.183558]  should_failslab+0x5/0x20
[ 1165.183967]  kmem_cache_alloc+0x5b/0x310
[ 1165.184408]  ? mark_held_locks+0x9e/0xe0
[ 1165.184856]  create_object.isra.0+0x3a/0xa20
[ 1165.185330]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1165.185883]  kmem_cache_alloc_bulk+0x168/0x320
[ 1165.186378]  io_submit_sqes+0x6f76/0x85c0
[ 1165.186846]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.187381]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.187918]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.188365]  ? find_held_lock+0x2c/0x110
[ 1165.188808]  ? io_submit_sqes+0x85c0/0x85c0
[ 1165.189282]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.189802]  ? wait_for_completion_io+0x270/0x270
[ 1165.190327]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.190836]  ? vfs_write+0x354/0xa70
[ 1165.191258]  ? fput_many+0x2f/0x1a0
[ 1165.191674]  ? ksys_write+0x1a9/0x260
[ 1165.192100]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.192566]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.193159]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.193763]  do_syscall_64+0x33/0x40
[ 1165.194184]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1165.194724] RIP: 0033:0x7f06e6057b19
[ 1165.195141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.197192] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.198082] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1165.198905] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1165.199711] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.200519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.201340] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1165.215516] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
04:25:58 executing program 5:
syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = inotify_init1(0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
inotify_add_watch(r1, &(0x7f0000000140)='./file0\x00', 0x12000440)
chdir(&(0x7f0000000040)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
r3 = inotify_init1(0x0)
r4 = inotify_add_watch(r3, &(0x7f0000000040)='.\x00', 0x2000003)
inotify_rm_watch(r3, r4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r6 = geteuid()
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xffffffffffffffff, r7, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0xffffffffffffffff, r8, 0x0)
setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000010005000000000002000300", @ANYRES32=r6, @ANYBLOB="02000600", @ANYRES32=r7, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000f00", @ANYRES32=0xee00, @ANYBLOB="0200043b", @ANYRES32=r8, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="02000200", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="1400b204778597434102009b6ef78b1329f3eb977e56c705229e250b2ea294949fbe8255d05f5082210378e5f885777378d438cdc7296c52deaca464029609a9631badff4381073c22e5d104eeac43491207f3cfea0a5a8e802a2a5ad1f0241f465978a0f963320eae51f0ae0c3bc3f1bc480aec5aa46619a5ba0242d7b7f13238ccd1f98a7b78a2fc8336f7cd38a3d7f5b6b70253bafc221fd8570e89304012fab76106d73b53c8d2807e291c581af352bb90e4e918a1bdbd339f7aed5594fa5bf73e206e19275939096aa983a8da262c0b42a0df1ec7f7f643366ae5e63edaf209afb43d6ee28e894c9c372aed6f596686a1b00a8e460327abc95426a3ccba53686321dd35116ed45be049897e3adf17e110", @ANYRES32=0xee00, @ANYBLOB="040002000000000008000200", @ANYRES32=0xee01, @ANYBLOB="10000700000000002000060000000000"], 0x74, 0x3)
sendfile(r2, r5, 0x0, 0x100000001)

04:25:58 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffff5)

04:25:58 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

[ 1165.375618] FAULT_INJECTION: forcing a failure.
[ 1165.375618] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.377644] CPU: 1 PID: 8025 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1165.378375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.379248] Call Trace:
[ 1165.379536]  dump_stack+0x107/0x167
[ 1165.379924]  should_fail.cold+0x5/0xa
[ 1165.380328]  ? create_object.isra.0+0x3a/0xa20
[ 1165.380803]  should_failslab+0x5/0x20
[ 1165.381208]  kmem_cache_alloc+0x5b/0x310
[ 1165.381659]  ? mark_held_locks+0x9e/0xe0
[ 1165.382095]  create_object.isra.0+0x3a/0xa20
[ 1165.382568]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1165.383108]  kmem_cache_alloc_bulk+0x168/0x320
[ 1165.383598]  io_submit_sqes+0x6f76/0x85c0
[ 1165.384056]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.384584]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.385113]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.385566]  ? find_held_lock+0x2c/0x110
[ 1165.386020]  ? io_submit_sqes+0x85c0/0x85c0
[ 1165.386503]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.387033]  ? wait_for_completion_io+0x270/0x270
[ 1165.387555]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.388056]  ? vfs_write+0x354/0xa70
04:25:58 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1165.388461]  ? fput_many+0x2f/0x1a0
[ 1165.389000]  ? ksys_write+0x1a9/0x260
[ 1165.389419]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.389874]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.390450]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.391022]  do_syscall_64+0x33/0x40
[ 1165.391423]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1165.391973] RIP: 0033:0x7f06e6057b19
[ 1165.392377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:25:58 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1165.394359] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.395336] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1165.396100] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1165.396895] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.397678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.398442] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:25:58 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

04:25:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:25:58 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x7ffffffff000)

04:25:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(r3, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0xfdef)
fsetxattr$security_selinux(r0, 0x0, &(0x7f0000000140)='system_u:object_r:devtty_t:s0\x00', 0x1e, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$packet_int(r3, 0x107, 0xc, &(0x7f0000000080), 0x4)
syz_io_uring_complete(r1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x7}}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
socket$packet(0x11, 0x2, 0x300)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00'})

[ 1165.525048] FAULT_INJECTION: forcing a failure.
[ 1165.525048] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.527082] CPU: 0 PID: 8036 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1165.528163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.529477] Call Trace:
[ 1165.529910]  dump_stack+0x107/0x167
[ 1165.530507]  should_fail.cold+0x5/0xa
[ 1165.531151]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1165.532001]  should_failslab+0x5/0x20
[ 1165.532604]  __kmalloc_node+0x76/0x420
[ 1165.533232]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1165.534053]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1165.534834]  ? trace_hardirqs_on+0x5b/0x180
[ 1165.535505]  kmem_cache_alloc_bulk+0x182/0x320
[ 1165.536234]  io_submit_sqes+0x6f76/0x85c0
[ 1165.536894]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1165.537675]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.538464]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1165.539219]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.539860]  ? find_held_lock+0x2c/0x110
[ 1165.540502]  ? io_submit_sqes+0x85c0/0x85c0
[ 1165.541172]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.541940]  ? wait_for_completion_io+0x270/0x270
[ 1165.542699]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.543434]  ? vfs_write+0x354/0xa70
[ 1165.544021]  ? fput_many+0x2f/0x1a0
[ 1165.544619]  ? ksys_write+0x1a9/0x260
[ 1165.545220]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.545871]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.546696]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.547515]  do_syscall_64+0x33/0x40
[ 1165.548105]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1165.548909] RIP: 0033:0x7f79e8f8cb19
[ 1165.549517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.552410] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.553619] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1165.554740] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1165.555855] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.557012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.558159] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:26:11 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x40000000000000)

04:26:11 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:11 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:11 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

04:26:11 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

04:26:11 executing program 5:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$802154_dgram(r0, &(0x7f00000000c0)={0x24, @short={0x2, 0xae8a80e6f6c78742, 0xaaa0}}, 0x14)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14)
connect$802154_dgram(r0, &(0x7f0000000080)={0x24, @short={0x2, 0x3}}, 0x14)
sendmmsg$sock(r0, &(0x7f00000021c0)=[{{0x0, 0x0, 0x0}}], 0x324, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000240)={<r2=>0xffffffffffffffff, 0x1, 0x6, 0x8000})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r0)
getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f0000000040)="ddd8312b5695af1944881f92247c4ecd", 0x10)
dup2(r3, r5)
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x40, 0x20, 0xc7, 0x1, 0x0, 0x9, 0x40320, 0xd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x10001, 0x0, @perf_config_ext={0x35a6, 0x10001}, 0x1009, 0x3ff, 0x5, 0x8, 0x5, 0x3, 0x0, 0x0, 0x4, 0x0, 0x7}, 0x0, 0x2, r2, 0x1)

04:26:11 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f00000000c0), 0x2}, 0x3080, 0x0, 0x0, 0x6, 0x0, 0x0, 0xa80}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000180)={0x5, 0x8, [0x3, 0x1, 0x9, 0x1f], &(0x7f0000000140)=[0x0]})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x64, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x331}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x64}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r9=>r0, {0xee01, 0xee01}}, './file1\x00'})
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
pidfd_getfd(r9, r11, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0xf503, 0x0)
sendfile(r3, r3, &(0x7f0000000040)=0xcb58, 0x7)

04:26:11 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1178.729606] FAULT_INJECTION: forcing a failure.
[ 1178.729606] name failslab, interval 1, probability 0, space 0, times 0
[ 1178.732418] CPU: 0 PID: 8063 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1178.733854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1178.735580] Call Trace:
[ 1178.736135]  dump_stack+0x107/0x167
[ 1178.736906]  should_fail.cold+0x5/0xa
[ 1178.737715]  ? create_object.isra.0+0x3a/0xa20
[ 1178.738708]  should_failslab+0x5/0x20
[ 1178.739516]  kmem_cache_alloc+0x5b/0x310
[ 1178.740375]  ? mark_held_locks+0x9e/0xe0
[ 1178.741233]  create_object.isra.0+0x3a/0xa20
[ 1178.741610] FAULT_INJECTION: forcing a failure.
[ 1178.741610] name failslab, interval 1, probability 0, space 0, times 0
[ 1178.742173]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1178.742204]  kmem_cache_alloc_bulk+0x168/0x320
[ 1178.742231]  io_submit_sqes+0x6f76/0x85c0
[ 1178.742295]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1178.748443]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1178.749442]  ? lock_downgrade+0x6d0/0x6d0
[ 1178.750310]  ? find_held_lock+0x2c/0x110
[ 1178.751154]  ? io_submit_sqes+0x85c0/0x85c0
[ 1178.752068]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1178.753089]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1178.754207]  ? asm_sysvec_call_function_single+0x12/0x20
[ 1178.755331]  ? trace_hardirqs_on+0x5b/0x180
[ 1178.756232]  ? asm_sysvec_call_function_single+0x12/0x20
[ 1178.757371]  ? __io_uring_cancel+0x20/0x20
[ 1178.758273]  do_syscall_64+0x33/0x40
[ 1178.759047]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1178.760115] RIP: 0033:0x7f06e6057b19
[ 1178.760896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1178.764739] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1178.766318] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1178.767785] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1178.769249] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1178.770729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1178.772193] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1178.773715] CPU: 1 PID: 8070 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1178.775102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1178.776754] Call Trace:
[ 1178.777288]  dump_stack+0x107/0x167
[ 1178.778052]  should_fail.cold+0x5/0xa
[ 1178.778821]  ? create_object.isra.0+0x3a/0xa20
[ 1178.779744]  should_failslab+0x5/0x20
[ 1178.780510]  kmem_cache_alloc+0x5b/0x310
[ 1178.781327]  ? mark_held_locks+0x9e/0xe0
[ 1178.782159]  create_object.isra.0+0x3a/0xa20
[ 1178.783042]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1178.784075]  kmem_cache_alloc_bulk+0x168/0x320
[ 1178.785002]  io_submit_sqes+0x6f76/0x85c0
[ 1178.785883]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1178.786901]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1178.787877]  ? lock_downgrade+0x6d0/0x6d0
[ 1178.788712]  ? find_held_lock+0x2c/0x110
[ 1178.789533]  ? io_submit_sqes+0x85c0/0x85c0
[ 1178.790444]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1178.791423]  ? wait_for_completion_io+0x270/0x270
[ 1178.792406]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1178.793334]  ? vfs_write+0x354/0xa70
[ 1178.794095]  ? fput_many+0x2f/0x1a0
[ 1178.794826]  ? ksys_write+0x1a9/0x260
[ 1178.795589]  ? __ia32_sys_read+0xb0/0xb0
[ 1178.796409]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1178.797467]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1178.798521]  do_syscall_64+0x33/0x40
[ 1178.799268]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1178.800298] RIP: 0033:0x7f79e8f8cb19
[ 1178.801043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1178.804815] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1178.806366] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1178.807796] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1178.809247] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1178.810690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1178.812115] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:26:11 executing program 2:
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x0, 0x179)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x80}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x40)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x80, 0x1)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
bind$bt_hci(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
io_submit(0x0, 0x0, &(0x7f0000000300))
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
fcntl$dupfd(r5, 0x406, r1)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000440))
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x3c, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x23}}}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x80000001, 0x19}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x7, 0xffffffffffffff01, 0x5, 0x3})

04:26:11 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:11 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000)

04:26:11 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:11 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1179.038372] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
04:26:26 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:26 executing program 5:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x16, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_mreq(r1, 0x29, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000640)=0x7)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000680)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
bind$unix(r2, 0x0, 0x0)
connect$unix(r2, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
syz_io_uring_setup(0x457f, 0x0, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000180)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd=r1, 0x0, 0x1ee, 0x5, 0x4}, 0x7)
clone3(&(0x7f0000000400)={0x80, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)=<r5=>0x0, {0x27}, &(0x7f00000002c0)=""/245, 0xf5, &(0x7f0000000500)=""/210, &(0x7f00000003c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, {r0}}, 0x58)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f0000000800)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000840)="84fc8a961c9d66f7fb6e296df8d5c3b96e787e4bec17419bb45a05ca83c3dbb8458ff903f2b87834d15a5501085c073233e5ddf876ef2ea9f19b95e78f64b10eaa615abb5ec70fe7ba6e51a0f4f5e5ba7fdea128e720202619f1bee672abf67427", 0x61}, {&(0x7f00000008c0)="2ad0fd4bddf14f3bbe1c8182e8f1768d02f40a38bc66fd", 0x17}], 0x2, &(0x7f0000000940)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @local, @empty}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x24}}, @ip_tos_int={{0x14}}], 0x80}, 0x8004811)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xfe, 0x6, 0x0, 0x0, 0x0, 0x4307, 0x20010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0xc}, 0x4c20, 0x0, 0x400}, r5, 0x8, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x28, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x14, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743092f"]}]}, 0x28}}, 0x0)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="2400112c5a0c39000008060500008b8d00000000dd000a00000305000100ff000000050001321b81d4dfccc877c22b411ac109d6f78ea7ffa4266aa38dc261d44224bae630cfc4427b8a831cb8fa6db3a8508982c4c3f0ae5889e4a3157efe38960302a30eadfb97b648c3178b9cb60063022cac699e69ec05972f45b17ab027a6a082c5198dfef580851150a730e50fed91d3c53cd55ab84f04537c7f85eab22e37ce13d57ea04298f358c01f4e1e8f417e7bbff9241f79a7b0472367d3d2d9babf7cffff2924c99bb9fbdc97e3263dee01"], 0x24}}, 0x80)

04:26:26 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:26 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000240)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x2, @private1, 0x1b8955dc}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000140)="ce1ba75342bbabc2c442de4928a8c54dcf54aa7529b282122af0ad8276999156df6ae04e674d3ebd40102bd5f4e75e6e2b79dd53dd3c2b87cb07087af3f52df2a95757f2cab30fddbe7d1de1c46bd4eb405eb00af55ce5d3a4d6893b8f642a8e0d00edf4394260bdbfd581da2e7017f67b170fa16466adb19afcd76be8", 0x7d}, {&(0x7f00000002c0)="545b442e4744e7687266710ee0e1b094f4e656e94ab777500f9ee53eea03dad0ffaa528de7f1ff96ec9020208356577f8f42e40da34bcc8e040e1b42d7f2448bbd0a1c1bb9b9a80c19684017b5f29aa958c3732dfc47a9c6c52ccfc1ebc0daa7932f84f35a605852f8cd5b65f135b7063612fce7fb38785e01d72ee89af6c5da60c5412b1b3d0cdbf1910c8ce66ca96f69ab487f1f04937dfdeab5951fe245f5ef7c28c09e9752561750a10605928d7b148453040152038e329d1fa3ffbcfc946ad366e83f0758493ba38fe879279e519c41e022b3c0eaed60cb1f2ce70f68", 0xdf}, {&(0x7f00000000c0)}], 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="30000000000000002900000036000000ff02000000000000c2040000000801030000000101000001000001000000000088000000000000002900000039000000020e00050000000000000000000000000000000000000000fe880000000000000000000000000001fe8000000000000000000000000000aa00000000000000000000ffff08000000ff020000000000000000000000000001fe800000000000000000000000000043fe8000000000000000000000000000aa1400000000000000290000003e000000080000000009000090000000000002002900000036000000840f000000000000071800000000040804000300000000000000290d000000000000015c7a10c553136c05312b7ce147f43d0407e181bc6c8122fc6d6ccbd58a6b0322393b2fcc85ce7e52d2c7ee2494e55e814375832f51f69ef02fb9925dc668b82ee970a23a30c9df0c61cb1fab2935f9a57bac3b4fb6f8d2188eff5d9feda8000000000000002900000037000000130000000000000710000000030201000800000000000000007f00c204000000010730000000000a01dc0d060000000000000004000000000000000900000000000000d4fa0000000000000500000000000000c910000000000000000000000000000000011f0004011f072000000001060126000000000000000000040108040120000000000020000000000000002900000037000000b8000000000000000401050502010000140000000000000029000000430000000080000000000000af202c2e62725e9e72561e45a42428428fe6c04fbe5505b93306acd7e88373d54aa22a4b474a31202417bdba5582f86cd278f3e4167c25a2d979c03747806b3c413d43aad0f5927ef25ddef7bb07c6be4b158483bc6a6035de79dcec43f110eaf78ad755a8"], 0x240}}], 0x1, 0x4008805)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x29eb, 0x4)
r2 = creat(&(0x7f0000000200)='./file1\x00', 0x2)
accept4$inet6(r2, 0x0, &(0x7f0000000040), 0x80800)
ioctl$RTC_PIE_ON(r2, 0x7005)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x20040000)

04:26:26 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

04:26:26 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf0ffffff7f0000)

04:26:26 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:26:26 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

[ 1193.989873] FAULT_INJECTION: forcing a failure.
[ 1193.989873] name failslab, interval 1, probability 0, space 0, times 0
[ 1193.991568] CPU: 1 PID: 8114 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1193.992368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1193.993340] Call Trace:
[ 1193.993664]  dump_stack+0x107/0x167
[ 1193.994115]  should_fail.cold+0x5/0xa
[ 1193.994562]  ? create_object.isra.0+0x3a/0xa20
[ 1193.995105]  should_failslab+0x5/0x20
[ 1193.995547]  kmem_cache_alloc+0x5b/0x310
[ 1193.996020]  ? mark_held_locks+0x9e/0xe0
[ 1193.996485]  create_object.isra.0+0x3a/0xa20
[ 1193.996995]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1193.997561]  kmem_cache_alloc_bulk+0x168/0x320
[ 1193.998121]  io_submit_sqes+0x6f76/0x85c0
[ 1193.998603]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1193.999156]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1193.999743]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.000204]  ? find_held_lock+0x2c/0x110
[ 1194.000660]  ? io_submit_sqes+0x85c0/0x85c0
[ 1194.001144]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1194.001679]  ? wait_for_completion_io+0x270/0x270
[ 1194.002267]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1194.002849]  ? vfs_write+0x354/0xa70
[ 1194.003324]  ? fput_many+0x2f/0x1a0
[ 1194.003755]  ? ksys_write+0x1a9/0x260
[ 1194.004234]  ? __ia32_sys_read+0xb0/0xb0
[ 1194.004752]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.005408]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.006066]  do_syscall_64+0x33/0x40
[ 1194.006532]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.007179] RIP: 0033:0x7f79e8f8cb19
[ 1194.007651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.009832] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1194.010795] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1194.011632] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1194.012464] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1194.013296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1194.014140] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1194.014865] FAULT_INJECTION: forcing a failure.
[ 1194.014865] name failslab, interval 1, probability 0, space 0, times 0
[ 1194.017853] CPU: 0 PID: 8121 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1194.019309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1194.021070] Call Trace:
[ 1194.021644]  dump_stack+0x107/0x167
[ 1194.022439]  should_fail.cold+0x5/0xa
[ 1194.023268]  should_failslab+0x5/0x20
[ 1194.024093]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1194.025064]  io_submit_sqes+0x6f76/0x85c0
[ 1194.026003]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.027058]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.028105]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.028982]  ? find_held_lock+0x2c/0x110
[ 1194.029867]  ? io_submit_sqes+0x85c0/0x85c0
[ 1194.030797]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1194.031827]  ? wait_for_completion_io+0x270/0x270
[ 1194.032859]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1194.033865]  ? vfs_write+0x354/0xa70
[ 1194.034665]  ? fput_many+0x2f/0x1a0
[ 1194.035424]  ? ksys_write+0x1a9/0x260
[ 1194.036230]  ? __ia32_sys_read+0xb0/0xb0
[ 1194.037103]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.038231]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.039337]  do_syscall_64+0x33/0x40
[ 1194.040138]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.041227] RIP: 0033:0x7f06e6057b19
[ 1194.042042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.045960] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1194.047583] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1194.049101] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1194.050638] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1194.052162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1194.053714] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:26:27 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1194.116692] sysfs: cannot create duplicate filename '/class/ieee80211/€˜
§°ÇÛ ”uòQÇC	!'
[ 1194.117631] CPU: 1 PID: 8130 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1194.118419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1194.119285] Call Trace:
[ 1194.119583]  dump_stack+0x107/0x167
[ 1194.119994]  sysfs_warn_dup.cold+0x1c/0x29
[ 1194.120464]  sysfs_do_create_link_sd+0x122/0x140
[ 1194.121065]  sysfs_create_link+0x5f/0xc0
[ 1194.121523]  device_add+0x703/0x1c50
[ 1194.121952]  ? devlink_add_symlinks+0x970/0x970
[ 1194.122475]  ? ieee80211_set_bitrate_flags+0x202/0x620
[ 1194.123058]  wiphy_register+0x1da6/0x2850
[ 1194.123528]  ? wiphy_unregister+0xb90/0xb90
[ 1194.124017]  ? ieee80211_init_rate_ctrl_alg+0x121/0x500
[ 1194.124590]  ieee80211_register_hw+0x23c5/0x38b0
[ 1194.125129]  ? ieee80211_ifa6_changed+0x4d0/0x4d0
[ 1194.125658]  ? net_generic+0xdb/0x2b0
[ 1194.126091]  ? lockdep_init_map_type+0x2c7/0x780
[ 1194.126653]  ? memset+0x20/0x50
[ 1194.127043]  ? __hrtimer_init+0x12c/0x270
[ 1194.127535]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1194.128126]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1194.128663]  ? hwsim_new_radio_nl+0x967/0x1080
[ 1194.129187]  ? memcpy+0x39/0x60
[ 1194.129538]  hwsim_new_radio_nl+0x991/0x1080
[ 1194.130074]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1194.130689]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1194.131437]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1194.132188]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1194.132742]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1194.133495]  ? cap_capable+0x1cd/0x230
[ 1194.133971]  ? ns_capable+0xe2/0x110
[ 1194.134419]  genl_rcv_msg+0x33c/0x5a0
[ 1194.134860]  ? genl_get_cmd+0x480/0x480
[ 1194.135316]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1194.135863]  ? lock_release+0x680/0x680
[ 1194.136314]  ? __lockdep_reset_lock+0x180/0x180
[ 1194.136850]  netlink_rcv_skb+0x14b/0x430
[ 1194.137317]  ? genl_get_cmd+0x480/0x480
[ 1194.137773]  ? netlink_ack+0xab0/0xab0
[ 1194.138246]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1194.138773]  ? is_vmalloc_addr+0x7b/0xb0
[ 1194.139240]  genl_rcv+0x24/0x40
[ 1194.139616]  netlink_unicast+0x549/0x7f0
[ 1194.140089]  ? netlink_attachskb+0x870/0x870
[ 1194.140552]  ? __virt_addr_valid+0x128/0x350
[ 1194.141066]  netlink_sendmsg+0x90f/0xdf0
[ 1194.141543]  ? netlink_unicast+0x7f0/0x7f0
[ 1194.142043]  ? netlink_unicast+0x7f0/0x7f0
[ 1194.142528]  __sock_sendmsg+0x154/0x190
[ 1194.142984]  ____sys_sendmsg+0x70d/0x870
[ 1194.143456]  ? sock_write_iter+0x3d0/0x3d0
[ 1194.143935]  ? do_recvmmsg+0x6d0/0x6d0
[ 1194.144379]  ? perf_trace_lock+0xac/0x490
[ 1194.144865]  ? __lockdep_reset_lock+0x180/0x180
[ 1194.145389]  ? __lock_acquire+0xbb1/0x5b00
[ 1194.145882]  ___sys_sendmsg+0xf3/0x170
[ 1194.146329]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1194.146852]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.147334]  ? __lockdep_reset_lock+0x180/0x180
[ 1194.147867]  ? futex_exit_release+0x220/0x220
[ 1194.148381]  ? __fget_files+0x296/0x4c0
[ 1194.148841]  ? __fget_light+0xea/0x290
[ 1194.149295]  __sys_sendmsg+0xe5/0x1b0
[ 1194.149728]  ? __sys_sendmsg_sock+0x40/0x40
[ 1194.150227]  ? __do_sys_futex+0x2bb/0x480
[ 1194.150718]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.151311]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.151900]  do_syscall_64+0x33/0x40
[ 1194.152322]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.152910] RIP: 0033:0x7fcdd7801b19
[ 1194.153338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.155422] RSP: 002b:00007fcdd4d35188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1194.156290] RAX: ffffffffffffffda RBX: 00007fcdd79150e0 RCX: 00007fcdd7801b19
[ 1194.157029] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 1194.157832] RBP: 00007fcdd785bf6d R08: 0000000000000000 R09: 0000000000000000
[ 1194.158636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.159366] R13: 00007ffc6a434abf R14: 00007fcdd4d35300 R15: 0000000000022000
04:26:27 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000)

04:26:27 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:27 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:27 executing program 2:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r1, &(0x7f0000000100)={r2, 0xffffffffffffffff, 0x5})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_delete(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001600010d000000002000000000000000"], 0x14}}, 0x0)
read(r5, &(0x7f0000000080)=""/65, 0x41)
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

04:26:27 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xa1ffffffffffffff)

04:26:27 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:27 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:26:27 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1194.346558] sysfs: cannot create duplicate filename '/class/ieee80211/€˜
§°ÇÛ ”uòQÇC	!'
[ 1194.348383] CPU: 0 PID: 8145 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1194.349885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1194.351638] Call Trace:
[ 1194.352195]  dump_stack+0x107/0x167
[ 1194.352975]  sysfs_warn_dup.cold+0x1c/0x29
[ 1194.353895]  sysfs_do_create_link_sd+0x122/0x140
[ 1194.354906]  sysfs_create_link+0x5f/0xc0
[ 1194.355776]  device_add+0x703/0x1c50
[ 1194.356586]  ? devlink_add_symlinks+0x970/0x970
[ 1194.357577]  ? ieee80211_set_bitrate_flags+0x202/0x620
[ 1194.358723]  wiphy_register+0x1da6/0x2850
[ 1194.359614]  ? wiphy_unregister+0xb90/0xb90
[ 1194.360541]  ? ieee80211_init_rate_ctrl_alg+0x121/0x500
[ 1194.361711]  ieee80211_register_hw+0x23c5/0x38b0
[ 1194.362757]  ? ieee80211_ifa6_changed+0x4d0/0x4d0
[ 1194.363796]  ? net_generic+0xdb/0x2b0
[ 1194.364619]  ? lockdep_init_map_type+0x2c7/0x780
[ 1194.365638]  ? memset+0x20/0x50
[ 1194.366354]  ? __hrtimer_init+0x12c/0x270
[ 1194.367248]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1194.368325]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1194.369320]  ? hwsim_new_radio_nl+0x967/0x1080
[ 1194.370308]  ? memcpy+0x39/0x60
[ 1194.371020]  hwsim_new_radio_nl+0x991/0x1080
[ 1194.371962]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1194.373076]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1194.374493]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1194.375881]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1194.376902]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1194.378306]  ? cap_capable+0x1cd/0x230
[ 1194.379163]  ? ns_capable+0xe2/0x110
[ 1194.379967]  genl_rcv_msg+0x33c/0x5a0
[ 1194.380866]  ? genl_get_cmd+0x480/0x480
[ 1194.381708]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1194.382882]  ? lock_release+0x680/0x680
[ 1194.383730]  ? __lockdep_reset_lock+0x180/0x180
[ 1194.384715]  netlink_rcv_skb+0x14b/0x430
[ 1194.385589]  ? genl_get_cmd+0x480/0x480
[ 1194.386429]  ? netlink_ack+0xab0/0xab0
[ 1194.387276]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1194.388247]  ? is_vmalloc_addr+0x7b/0xb0
[ 1194.389116]  genl_rcv+0x24/0x40
[ 1194.389835]  netlink_unicast+0x549/0x7f0
[ 1194.390706]  ? netlink_attachskb+0x870/0x870
[ 1194.391645]  ? __virt_addr_valid+0x128/0x350
[ 1194.392584]  netlink_sendmsg+0x90f/0xdf0
[ 1194.393449]  ? netlink_unicast+0x7f0/0x7f0
[ 1194.394386]  ? netlink_unicast+0x7f0/0x7f0
[ 1194.395279]  __sock_sendmsg+0x154/0x190
[ 1194.396133]  ____sys_sendmsg+0x70d/0x870
[ 1194.397002]  ? sock_write_iter+0x3d0/0x3d0
[ 1194.397909]  ? do_recvmmsg+0x6d0/0x6d0
[ 1194.398808]  ? perf_trace_lock+0xac/0x490
[ 1194.399891]  ? __lockdep_reset_lock+0x180/0x180
[ 1194.401001]  ? perf_trace_lock+0xac/0x490
[ 1194.401894]  ___sys_sendmsg+0xf3/0x170
[ 1194.402725]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1194.403708]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.404594]  ? finish_task_switch+0x126/0x5d0
[ 1194.405530]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.406441]  ? __fget_files+0x296/0x4c0
[ 1194.407330]  ? __fget_light+0xea/0x290
[ 1194.408166]  __sys_sendmsg+0xe5/0x1b0
[ 1194.408986]  ? __sys_sendmsg_sock+0x40/0x40
[ 1194.409919]  ? io_schedule_timeout+0x140/0x140
[ 1194.410897]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.411992]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.413088]  do_syscall_64+0x33/0x40
[ 1194.413898]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.414983] RIP: 0033:0x7fcdd7801b19
[ 1194.415779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.419691] RSP: 002b:00007fcdd4d14188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1194.421327] RAX: ffffffffffffffda RBX: 00007fcdd79151a0 RCX: 00007fcdd7801b19
[ 1194.422884] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 1194.424379] RBP: 00007fcdd785bf6d R08: 0000000000000000 R09: 0000000000000000
[ 1194.425908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.427404] R13: 00007ffc6a434abf R14: 00007fcdd4d14300 R15: 0000000000022000
04:26:27 executing program 5:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x141dc, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x9)
getpeername(r1, &(0x7f0000000000)=@nfc, &(0x7f0000000080)=0x80)
sendmmsg$inet6(r1, &(0x7f0000004d00), 0x400000000000070, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000440)=ANY=[], 0x130)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000c, 0x100010, 0xffffffffffffffff, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x9, 0x80010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r2, r3, &(0x7f0000000440)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0xffc, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0x9)
fallocate(r0, 0x70, 0x0, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x8d000000, 0x3, &(0x7f00000003c0)=[{&(0x7f0000000200)="5c28ca16cbc7c3d276d149f9a5b9e696609e57942cab9362818fc9bb7f0728c52727be98446bec282286db419f4cac8b0d8d974c7656c8c5a52a8d0ffe7e49ae460bc26961c224cac2ee6c3fe63de40777659f78606804b6bc2941b73968d7a491956d184f66b5e4e47bcdc8a4796a74be62be9ba07f61559b3f18e61f93238facd5cf45c8a5647cba9ef668c4d8ca21b452ed5b88c67d8907ae73bd7f8a9e7b128bea30a606616b07ae38439e67d49fb9fde2b4256655e9b5a55984623e62bf2301ee21f750e71dd2da31ba2260c88e92fbc73c37a85ec2a11d4b05b4a65ca48d01", 0xe2, 0x54}, {&(0x7f0000000300)="c17d086cc3d208ec4f361afae005d748db6b", 0x12, 0x3}, {&(0x7f0000000340)="8a83d1f54a00319bf561c9341fcfbe9e250e87742a14d4ef39e5a2fd38c72f9b963cce7d331fe0258909b562cdfd68951de0b97497b7821bfc9a227a78c3a0664134a6237cab5386787c9f74b633be89f3806d07488f390f6fa76e5bc1a220f84d2f269a6475733f64af", 0x6a, 0x2}], 0x2054, &(0x7f0000000500)={[{}, {@nocompress}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@mode={'mode', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@sbsector={'sbsector', 0x3d, 0x9}}, {@map_normal}], [{@pcr={'pcr', 0x3d, 0x3d}}]})
getdents64(r4, &(0x7f0000000640)=""/196, 0xc4)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)

04:26:27 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

04:26:27 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

04:26:27 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:26:27 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1194.601866] FAULT_INJECTION: forcing a failure.
[ 1194.601866] name failslab, interval 1, probability 0, space 0, times 0
[ 1194.604626] CPU: 0 PID: 8171 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1194.606258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1194.608051] Call Trace:
[ 1194.608626]  dump_stack+0x107/0x167
[ 1194.609431]  should_fail.cold+0x5/0xa
[ 1194.610268]  ? create_object.isra.0+0x3a/0xa20
[ 1194.611237]  should_failslab+0x5/0x20
[ 1194.612058]  kmem_cache_alloc+0x5b/0x310
[ 1194.612937]  create_object.isra.0+0x3a/0xa20
[ 1194.613875]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1194.614956]  kmem_cache_alloc_bulk+0x168/0x320
[ 1194.615945]  io_submit_sqes+0x6f76/0x85c0
[ 1194.616881]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.617954]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.618995]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.619897]  ? find_held_lock+0x2c/0x110
[ 1194.620788]  ? io_submit_sqes+0x85c0/0x85c0
[ 1194.621725]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1194.622771]  ? wait_for_completion_io+0x270/0x270
[ 1194.623802]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1194.624795]  ? vfs_write+0x354/0xa70
[ 1194.625617]  ? fput_many+0x2f/0x1a0
[ 1194.626411]  ? ksys_write+0x1a9/0x260
[ 1194.627242]  ? __ia32_sys_read+0xb0/0xb0
[ 1194.628125]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.629228]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.630353]  do_syscall_64+0x33/0x40
[ 1194.631150]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.632237] RIP: 0033:0x7f06e6057b19
[ 1194.633026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.636910] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1194.638520] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1194.640037] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1194.641534] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1194.643050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1194.644562] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1194.649964] FAULT_INJECTION: forcing a failure.
[ 1194.649964] name failslab, interval 1, probability 0, space 0, times 0
[ 1194.652768] CPU: 0 PID: 8170 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1194.654212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1194.655965] Call Trace:
[ 1194.656529]  dump_stack+0x107/0x167
[ 1194.657334]  should_fail.cold+0x5/0xa
[ 1194.658165]  ? create_object.isra.0+0x3a/0xa20
[ 1194.659128]  should_failslab+0x5/0x20
[ 1194.659942]  kmem_cache_alloc+0x5b/0x310
[ 1194.660807]  ? mark_held_locks+0x9e/0xe0
[ 1194.661684]  create_object.isra.0+0x3a/0xa20
[ 1194.662637]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1194.663726]  kmem_cache_alloc_bulk+0x168/0x320
[ 1194.664694]  io_submit_sqes+0x6f76/0x85c0
[ 1194.665621]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.666693]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1194.667714]  ? lock_downgrade+0x6d0/0x6d0
[ 1194.668604]  ? find_held_lock+0x2c/0x110
[ 1194.669474]  ? io_submit_sqes+0x85c0/0x85c0
[ 1194.670406]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1194.671447]  ? wait_for_completion_io+0x270/0x270
[ 1194.672476]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1194.673455]  ? vfs_write+0x354/0xa70
[ 1194.674304]  ? fput_many+0x2f/0x1a0
[ 1194.675080]  ? ksys_write+0x1a9/0x260
[ 1194.675883]  ? __ia32_sys_read+0xb0/0xb0
[ 1194.676734]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1194.677823]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1194.678899]  do_syscall_64+0x33/0x40
[ 1194.679671]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1194.680728] RIP: 0033:0x7f79e8f8cb19
[ 1194.681504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1194.685907] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1194.687526] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1194.689123] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1194.690610] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1194.692105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1194.693679] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:26:41 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:41 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:41 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000540)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000683deb52663b7f80fb2aeab017d22c7d2cceabf99045188ba17d432079f2472e5b049c6407384bbf71fe908c729b"])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000340), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x4042, 0x0)
r1 = openat2(r0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200)={0x40, 0x3, 0x11}, 0x18)
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}})
mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]})
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000280), 0x561001, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000006c0)=ANY=[@ANYBLOB="d412ff000100000018000000d5c20d8a2299db83b92cbb79e270403fd60c645d19fc303bb19298", @ANYRES32=r2, @ANYBLOB="2e2f66696c65300000000000000000007bb5fb6c2bad26ec596e60146d0719021d618dbb4c02768c9c6212701e6ba6cdb3b0569038b09f8393150cad1428334c43615859f30a99cd775fe282663d4a09a0917db9eec4ef47c9551b7435e451c663444809aabf8008d4ce318da30e01c2a01b383d27cc477587322d500400be34e7c1b868a5df3749e70101000000000000ada70db17c8e50b3851c35eefe300bab676668df87fe6567db862ad0d29bf4e6e364afdca177064811c87216ff3a2c9adf18d70055561456a531c02cfdfd1ee48ad5a8"])
r3 = fsmount(0xffffffffffffffff, 0x1, 0x71)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r3, 0x3312, 0x8)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @link_local}, 0x28, {0x2, 0x0, @empty}})
r4 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @link_local}, 0x28, {0x2, 0x0, @empty}, 'ip6erspan0\x00'})
bind(0xffffffffffffffff, &(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x0, 0x4, 0x3, 0x0, {0xa, 0x4e20, 0x800, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}}}, 0x80)
fsmount(r1, 0x1, 0x4)
mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000001c00))
mount$cgroup(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f00000003c0), 0x2800061, &(0x7f00000005c0)={[{@noprefix}, {@subsystem='cpuset'}, {}, {@noprefix}, {@cpuset_v2_mode}, {@xattr}, {@noprefix}, {}, {}, {@noprefix}]})

04:26:41 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

04:26:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x80, &(0x7f0000000080)={0x0, 0xf479, 0x1}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000002a40))
io_uring_enter(r1, 0x76d2, 0x0, 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0xd7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x6c24, &(0x7f0000000200)={0x0, 0xbed9, 0x2, 0x3, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, 0x0)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r4, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = dup2(r5, 0xffffffffffffffff)
open_tree(r6, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9f63d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cb", @ANYRES32=0x0, @ANYBLOB="a60300000000000000000080"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
r7 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r8=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r7], 0x1}, 0x58)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r9}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r8, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r9}}, 0xae8b)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5, 0x0, @fd_index=0x4, 0x0, 0x0, 0xd2, 0x0, 0x0, {0x0, r9}}, 0x6)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
dup2(r10, r3)

04:26:41 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

04:26:41 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:26:41 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf5ffffffffffffff)

04:26:41 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffffffffffa1)

[ 1208.857536] cgroup: subsys name conflicts with all
[ 1208.859008] FAULT_INJECTION: forcing a failure.
[ 1208.859008] name failslab, interval 1, probability 0, space 0, times 0
[ 1208.860630] CPU: 0 PID: 8190 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1208.861522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1208.862611] Call Trace:
[ 1208.862963]  dump_stack+0x107/0x167
[ 1208.863448]  should_fail.cold+0x5/0xa
[ 1208.863949]  ? create_object.isra.0+0x3a/0xa20
[ 1208.864546]  should_failslab+0x5/0x20
[ 1208.865042]  kmem_cache_alloc+0x5b/0x310
[ 1208.865586]  ? mark_held_locks+0x9e/0xe0
[ 1208.866138]  create_object.isra.0+0x3a/0xa20
[ 1208.866717]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1208.867373]  kmem_cache_alloc_bulk+0x168/0x320
[ 1208.867978]  io_submit_sqes+0x6f76/0x85c0
[ 1208.868540]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1208.869196]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1208.869839]  ? lock_downgrade+0x6d0/0x6d0
[ 1208.870386]  ? find_held_lock+0x2c/0x110
[ 1208.870915]  ? io_submit_sqes+0x85c0/0x85c0
[ 1208.871499]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1208.872061] FAULT_INJECTION: forcing a failure.
[ 1208.872061] name failslab, interval 1, probability 0, space 0, times 0
[ 1208.872139]  ? wait_for_completion_io+0x270/0x270
[ 1208.872156]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1208.872168]  ? vfs_write+0x354/0xa70
[ 1208.872183]  ? fput_many+0x2f/0x1a0
[ 1208.872197]  ? ksys_write+0x1a9/0x260
[ 1208.872210]  ? __ia32_sys_read+0xb0/0xb0
[ 1208.872226]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1208.872238]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1208.872259]  do_syscall_64+0x33/0x40
[ 1208.879459]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1208.880126] RIP: 0033:0x7f06e6057b19
[ 1208.880620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1208.883042] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1208.884044] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1208.884981] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1208.885913] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1208.886865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1208.887794] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1208.888761] CPU: 1 PID: 8199 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1208.890145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1208.891789] Call Trace:
[ 1208.892328]  dump_stack+0x107/0x167
[ 1208.893062]  should_fail.cold+0x5/0xa
[ 1208.893823]  ? create_object.isra.0+0x3a/0xa20
[ 1208.894746]  should_failslab+0x5/0x20
[ 1208.895507]  kmem_cache_alloc+0x5b/0x310
[ 1208.896322]  ? mark_held_locks+0x9e/0xe0
[ 1208.897136]  create_object.isra.0+0x3a/0xa20
[ 1208.898029]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1208.899051]  kmem_cache_alloc_bulk+0x168/0x320
[ 1208.899986]  io_submit_sqes+0x6f76/0x85c0
[ 1208.900904]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1208.901896]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1208.902874]  ? lock_downgrade+0x6d0/0x6d0
[ 1208.903699]  ? find_held_lock+0x2c/0x110
[ 1208.904524]  ? io_submit_sqes+0x85c0/0x85c0
[ 1208.905399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1208.906381]  ? wait_for_completion_io+0x270/0x270
[ 1208.907347]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1208.908278]  ? vfs_write+0x354/0xa70
[ 1208.909031]  ? fput_many+0x2f/0x1a0
[ 1208.909779]  ? ksys_write+0x1a9/0x260
[ 1208.910553]  ? __ia32_sys_read+0xb0/0xb0
[ 1208.911367]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1208.912407]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1208.913445]  do_syscall_64+0x33/0x40
[ 1208.914210]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1208.915230] RIP: 0033:0x7f79e8f8cb19
[ 1208.915973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1208.919627] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1208.921138] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1208.922562] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1208.923975] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1208.925389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1208.926809] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1208.951473] cgroup: subsys name conflicts with all
04:26:41 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
close(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0)
write$binfmt_elf32(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460000000000000000000000000200060000000000000000003800000000000000000000000000200001000000000000000000000003"], 0x58)
close(r2)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, &(0x7f0000000040)={0x6, 0x7, 'syz0\x00'}, &(0x7f00000000c0)=0x28)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x20000, 0x80)
execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0)

04:26:41 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

[ 1209.083752] FAULT_INJECTION: forcing a failure.
[ 1209.083752] name failslab, interval 1, probability 0, space 0, times 0
[ 1209.086428] CPU: 1 PID: 8215 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1209.087785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1209.089426] Call Trace:
[ 1209.089956]  dump_stack+0x107/0x167
[ 1209.090706]  should_fail.cold+0x5/0xa
[ 1209.091471]  ? create_object.isra.0+0x3a/0xa20
[ 1209.092390]  should_failslab+0x5/0x20
[ 1209.093148]  kmem_cache_alloc+0x5b/0x310
[ 1209.093964]  ? mark_held_locks+0x9e/0xe0
[ 1209.094801]  create_object.isra.0+0x3a/0xa20
[ 1209.095677]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1209.096691]  kmem_cache_alloc_bulk+0x168/0x320
[ 1209.097617]  io_submit_sqes+0x6f76/0x85c0
[ 1209.098502]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1209.099488]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1209.100450]  ? lock_downgrade+0x6d0/0x6d0
[ 1209.101270]  ? find_held_lock+0x2c/0x110
[ 1209.102094]  ? io_submit_sqes+0x85c0/0x85c0
[ 1209.102961]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1209.103925]  ? wait_for_completion_io+0x270/0x270
[ 1209.104888]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1209.105806]  ? vfs_write+0x354/0xa70
[ 1209.106571]  ? fput_many+0x2f/0x1a0
[ 1209.107295]  ? ksys_write+0x1a9/0x260
[ 1209.108050]  ? __ia32_sys_read+0xb0/0xb0
[ 1209.108869]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1209.109910]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1209.110950]  do_syscall_64+0x33/0x40
[ 1209.111695]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1209.112720] RIP: 0033:0x7f06e6057b19
[ 1209.113468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1209.117124] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1209.118637] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1209.120048] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1209.121470] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1209.122895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1209.124313] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:26:54 executing program 2:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0xffffffffffffffff)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x0, 0x3)
pkey_alloc(0x0, 0x0)
r0 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, r0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000140)=ANY=[@ANYBLOB="01d500"/12, @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
perf_event_open(0x0, 0x0, 0x4, r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x26)
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000006, 0xffffffffffffffff)
setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4)
pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x6, 0xffffffffffffffff)
pkey_alloc(0x0, 0x1)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendfile(r3, r2, 0x0, 0x9bbb)

04:26:54 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:26:54 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffff5)

04:26:54 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

04:26:54 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:26:54 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:54 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

04:26:54 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe6b02, 0x0)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x8010, r0, 0x10000000)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x0, @fd_index=0xa, 0x0, 0x5, 0x1, 0x3}, 0x1)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$vcsn(&(0x7f0000001500), 0x3, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
io_submit(0x0, 0x0, 0x0)
socketpair(0x3, 0x6, 0x62, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$IPCTNL_MSG_EXP_DELETE(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20140000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x1a8, 0x2, 0x2, 0x3, 0x0, 0x0, {0x0, 0x0, 0x5}, [@CTA_EXPECT_TUPLE={0x9c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x50e2feab0490e13c}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @CTA_EXPECT_MASTER={0x98, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x2a}}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_CLASS={0x8}, @CTA_EXPECT_NAT={0xc, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x10000}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x80}, 0x4)
read$hidraw(r0, &(0x7f0000000400)=""/4096, 0x3ffffe00)

[ 1221.616702] FAULT_INJECTION: forcing a failure.
[ 1221.616702] name failslab, interval 1, probability 0, space 0, times 0
[ 1221.619653] CPU: 0 PID: 8236 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1221.621119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1221.623225] Call Trace:
[ 1221.623936]  dump_stack+0x107/0x167
[ 1221.624935]  should_fail.cold+0x5/0xa
[ 1221.625802]  ? create_object.isra.0+0x3a/0xa20
[ 1221.626821]  should_failslab+0x5/0x20
[ 1221.627612]  kmem_cache_alloc+0x5b/0x310
[ 1221.628486]  ? mark_held_locks+0x9e/0xe0
[ 1221.629354]  create_object.isra.0+0x3a/0xa20
[ 1221.630332]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1221.631433]  kmem_cache_alloc_bulk+0x168/0x320
[ 1221.632421]  io_submit_sqes+0x6f76/0x85c0
[ 1221.633348]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1221.634424]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1221.635440]  ? lock_downgrade+0x6d0/0x6d0
[ 1221.636329]  ? find_held_lock+0x2c/0x110
[ 1221.637210]  ? io_submit_sqes+0x85c0/0x85c0
[ 1221.638165]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1221.639227]  ? wait_for_completion_io+0x270/0x270
[ 1221.640272]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1221.641282]  ? vfs_write+0x354/0xa70
[ 1221.642082]  ? fput_many+0x2f/0x1a0
[ 1221.642904]  ? ksys_write+0x1a9/0x260
[ 1221.643727]  ? __ia32_sys_read+0xb0/0xb0
[ 1221.644572]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1221.645701]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1221.646847]  do_syscall_64+0x33/0x40
[ 1221.647658]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1221.648769] RIP: 0033:0x7f06e6057b19
[ 1221.649566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1221.653509] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1221.655125] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1221.656650] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1221.658204] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1221.659733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1221.661236] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1221.670008] FAULT_INJECTION: forcing a failure.
[ 1221.670008] name failslab, interval 1, probability 0, space 0, times 0
[ 1221.672725] CPU: 1 PID: 8242 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1221.674119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1221.675795] Call Trace:
[ 1221.676340]  dump_stack+0x107/0x167
[ 1221.677096]  should_fail.cold+0x5/0xa
[ 1221.677888]  ? create_object.isra.0+0x3a/0xa20
[ 1221.678835]  should_failslab+0x5/0x20
[ 1221.679597]  kmem_cache_alloc+0x5b/0x310
[ 1221.680419]  ? mark_held_locks+0x9e/0xe0
[ 1221.681233]  create_object.isra.0+0x3a/0xa20
[ 1221.682110]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1221.683139]  kmem_cache_alloc_bulk+0x168/0x320
[ 1221.684054]  io_submit_sqes+0x6f76/0x85c0
[ 1221.684919]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1221.685909]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1221.686888]  ? lock_downgrade+0x6d0/0x6d0
[ 1221.687718]  ? find_held_lock+0x2c/0x110
[ 1221.688540]  ? io_submit_sqes+0x85c0/0x85c0
[ 1221.689416]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1221.690391]  ? wait_for_completion_io+0x270/0x270
[ 1221.691360]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1221.692286]  ? vfs_write+0x354/0xa70
[ 1221.693035]  ? fput_many+0x2f/0x1a0
[ 1221.693762]  ? ksys_write+0x1a9/0x260
[ 1221.694541]  ? __ia32_sys_read+0xb0/0xb0
[ 1221.695360]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1221.696407]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1221.697441]  do_syscall_64+0x33/0x40
[ 1221.698194]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1221.699220] RIP: 0033:0x7f79e8f8cb19
[ 1221.699963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1221.703614] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1221.705126] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1221.706566] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1221.707978] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1221.709393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1221.710816] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1221.761829] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.763787] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.765188] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.766507] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 1221.768004] print_req_error: 69 callbacks suppressed
[ 1221.768023] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
04:26:54 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffffffffffff)

[ 1221.796017] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.797977] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.799375] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.800675] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 40 00 00 40 00
[ 1221.802180] blk_update_request: I/O error, dev sr0, sector 256 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
04:26:54 executing program 2:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d66642c5b90646e6f3d", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c6d6d61702c616669643d3078303030303030303038303030303030312c76657273696f6e3d3970323030302c646566636f6e746578743d73797374656d5f752c736d61636b6673666c6f6f723dd2403a2d3a403a2424402c00"])
pidfd_send_signal(r1, 0xf, &(0x7f0000000240)={0x1d, 0x5, 0x6}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x2840026, 0x0)
mount(0x0, &(0x7f0000000080)='./mnt\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000140)='./mnt\x00', 0x0, 0x0, 0x0, 0x3a0c0a0, &(0x7f0000000180)=ANY=[@ANYBLOB="73697a653d702c00b5928640c5d55c13791423a07a0c85b09b08b2ce72ddfd09373fe127e036fbf169deae04e8200935b124e7e8ac3f866b70888e37e4cf684715ee7155dbf664564327e02fb4e27c85b8201f3f5e43edffd143a557af593783bb5422705f3413f158de2f60ae9fcb031b338d561c911d2385fec1745c6e173d1f3afb2a1fb9742aa4162537e368a3699fb70537cd49805703a400e3b95ebf963ddee3dbac4e"])

04:26:54 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:26:54 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1221.857177] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.859307] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.860745] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.862198] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 80 00 00 40 00
[ 1221.863789] blk_update_request: I/O error, dev sr0, sector 512 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
04:26:54 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

[ 1221.917883] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.919914] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.921348] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.922685] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 c0 00 00 40 00
[ 1221.924214] blk_update_request: I/O error, dev sr0, sector 768 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
[ 1221.944891] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.946968] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.948348] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.949658] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 01 00 00 00 40 00
[ 1221.951188] blk_update_request: I/O error, dev sr0, sector 1024 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
04:26:54 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1221.984921] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1221.987029] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1221.988405] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1221.989735] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 01 40 00 00 40 00
[ 1221.991272] blk_update_request: I/O error, dev sr0, sector 1280 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
[ 1222.004750] FAULT_INJECTION: forcing a failure.
[ 1222.004750] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.007605] CPU: 0 PID: 8262 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1222.008982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.010682] Call Trace:
[ 1222.011217]  dump_stack+0x107/0x167
[ 1222.011958]  should_fail.cold+0x5/0xa
[ 1222.012734]  ? create_object.isra.0+0x3a/0xa20
[ 1222.013655]  should_failslab+0x5/0x20
[ 1222.014436]  kmem_cache_alloc+0x5b/0x310
[ 1222.015255]  ? mark_held_locks+0x9e/0xe0
[ 1222.016079]  create_object.isra.0+0x3a/0xa20
[ 1222.016969]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1222.018055]  kmem_cache_alloc_bulk+0x168/0x320
[ 1222.019014]  io_submit_sqes+0x6f76/0x85c0
[ 1222.019890]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.020895]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.021882]  ? io_submit_sqes+0x85c0/0x85c0
[ 1222.022761]  ? recalibrate_cpu_khz+0x10/0x10
[ 1222.023646]  ? ktime_get+0x158/0x1f0
[ 1222.024402]  ? setup_APIC_eilvt+0x2f0/0x2f0
[ 1222.025302]  ? clockevents_program_event+0x131/0x360
[ 1222.026360]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1222.027418]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1222.028500]  ? trace_hardirqs_on+0x5b/0x180
[ 1222.029377]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1222.030485]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1222.031532]  do_syscall_64+0x33/0x40
[ 1222.032282]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1222.033319] RIP: 0033:0x7f79e8f8cb19
[ 1222.034070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.037895] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1222.039476] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1222.040946] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1222.042423] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1222.043919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1222.045386] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:26:54 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000700)={0x3, 0x80, 0x7, 0x2, 0x1, 0xdb, 0x0, 0x8, 0x24010, 0xa, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0x101, 0x1}, 0x8040, 0x8, 0x3, 0x5, 0x3, 0x7, 0x52, 0x0, 0x21, 0x0, 0x9}, 0x0, 0x2, r0, 0x1)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="b800000013000100000000b800000000ffffffff000000000000000000000000ff0200000000000000000000ffff000000000000000000000a00403c0000000078630edc00b6562120009f1ce06120723f1ff6c65b0f07dce11d6ed896c57a71da80777802125c2632a4f4e67e6b48cb734bc482b4901d5451f90d6cf4", @ANYRES32=0x0, @ANYRES32=0x0], 0xb8}}, 0x0)
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000001c00))
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r2)
getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f00000001c0), &(0x7f0000000200)=0x40)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)=ANY=[@ANYBLOB="015e0000177d850225", @ANYBLOB="47ba592c2d9892a93caaf2b256c221253735ccc512b3a17fb3e629eb1e010000000000000010405e38508b"])
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
copy_file_range(r5, &(0x7f0000000100)=0xd241, r1, &(0x7f0000000140)=0x1f, 0xffffffff, 0x0)
ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000300)={0x4000000000000, 0x80000000, 0x0, 0x0, 0x1, [{}]})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10)
sendfile(r6, 0xffffffffffffffff, 0x0, 0xffe3)
execveat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000440)=']\x00', &(0x7f0000000480)='(:}\x1e\\+M/](7\x00'], &(0x7f0000000600)=[&(0x7f0000000500)='9p\x00', &(0x7f0000000540)='{W+}\x00', &(0x7f0000000580)='defcontext', &(0x7f00000005c0)='\xd2@:-:@:$$@'], 0x800)
setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000240)={0x5, {{0x2, 0x4e21, @empty}}}, 0x88)

04:26:55 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

[ 1222.070920] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 1222.072960] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 1222.074430] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 1222.075789] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 01 80 00 00 40 00
[ 1222.077356] blk_update_request: I/O error, dev sr0, sector 1536 op 0x0:(READ) flags 0x4000 phys_seg 33 prio class 2
04:26:55 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1222.098989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.100783] blk_update_request: I/O error, dev sr0, sector 1792 op 0x0:(READ) flags 0x0 phys_seg 32 prio class 2
[ 1222.103845] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.105090] blk_update_request: I/O error, dev sr0, sector 2046 op 0x0:(READ) flags 0x4000 phys_seg 32 prio class 2
04:26:55 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = dup2(r4, 0xffffffffffffffff)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x0, 0x0)
r7 = dup2(r6, r5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r7, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r8 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = dup2(r8, 0xffffffffffffffff)
open_tree(r9, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9fb3d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cb", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, r10, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @local}, 0x3, 0x0, 0x0, 0x2}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000040)="8d8add6a227a2f8d8c86ce618146f27aa84e57decabcfb86567f0a09805d7fa2ed8f34", 0x23}], 0x1}, 0x0, 0x0, 0x0, {0x0, r12}}, 0x9)
r13 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r13, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1222.127345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.128572] blk_update_request: I/O error, dev sr0, sector 2302 op 0x0:(READ) flags 0x4000 phys_seg 32 prio class 2
[ 1222.130994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.132394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.134255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.136371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.144344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.145744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.151818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.153300] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.154677] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.159646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.161013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
04:26:55 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1222.178358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.179753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.199646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.201083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.205118] FAULT_INJECTION: forcing a failure.
[ 1222.205118] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.208013] CPU: 1 PID: 8272 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1222.209365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.211006] Call Trace:
[ 1222.211534]  dump_stack+0x107/0x167
[ 1222.212263]  should_fail.cold+0x5/0xa
[ 1222.213028]  ? create_object.isra.0+0x3a/0xa20
[ 1222.213943]  should_failslab+0x5/0x20
[ 1222.214718]  kmem_cache_alloc+0x5b/0x310
[ 1222.215538]  create_object.isra.0+0x3a/0xa20
[ 1222.216412]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1222.217425]  kmem_cache_alloc_bulk+0x168/0x320
[ 1222.218356]  io_submit_sqes+0x6f76/0x85c0
[ 1222.219218]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.220205]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.221172]  ? lock_downgrade+0x6d0/0x6d0
[ 1222.221992]  ? find_held_lock+0x2c/0x110
[ 1222.222820]  ? io_submit_sqes+0x85c0/0x85c0
[ 1222.223688]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1222.224645]  ? wait_for_completion_io+0x270/0x270
[ 1222.225604]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1222.226537]  ? vfs_write+0x354/0xa70
[ 1222.227284]  ? fput_many+0x2f/0x1a0
[ 1222.228016]  ? ksys_write+0x1a9/0x260
04:26:55 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

[ 1222.228778]  ? __ia32_sys_read+0xb0/0xb0
[ 1222.229778]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1222.230835]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1222.231876]  do_syscall_64+0x33/0x40
[ 1222.232615]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1222.233630] RIP: 0033:0x7f06e6057b19
[ 1222.234392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.238057] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1222.239587] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1222.241001] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1222.242506] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1222.243920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1222.245339] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:26:55 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1222.282517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.283889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.285576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.286851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.288151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.289407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.290701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.291969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.293207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.294444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.295649] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.296861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.384722] FAULT_INJECTION: forcing a failure.
[ 1222.384722] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.386963] CPU: 1 PID: 8284 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1222.388243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1222.389782] Call Trace:
[ 1222.390305]  dump_stack+0x107/0x167
[ 1222.391001]  should_fail.cold+0x5/0xa
[ 1222.391718]  ? create_object.isra.0+0x3a/0xa20
[ 1222.392574]  should_failslab+0x5/0x20
[ 1222.393276]  kmem_cache_alloc+0x5b/0x310
[ 1222.394043]  ? mark_held_locks+0x9e/0xe0
[ 1222.394806]  create_object.isra.0+0x3a/0xa20
[ 1222.395621]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1222.396610]  kmem_cache_alloc_bulk+0x168/0x320
[ 1222.397462]  io_submit_sqes+0x6f76/0x85c0
[ 1222.398312]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.399271]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1222.400206]  ? lock_downgrade+0x6d0/0x6d0
[ 1222.400998]  ? find_held_lock+0x2c/0x110
[ 1222.401785]  ? io_submit_sqes+0x85c0/0x85c0
[ 1222.402642]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1222.403567]  ? wait_for_completion_io+0x270/0x270
[ 1222.404491]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1222.405379]  ? vfs_write+0x354/0xa70
[ 1222.406100]  ? fput_many+0x2f/0x1a0
[ 1222.406800]  ? ksys_write+0x1a9/0x260
[ 1222.407532]  ? __ia32_sys_read+0xb0/0xb0
[ 1222.408318]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1222.409311]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1222.410312]  do_syscall_64+0x33/0x40
[ 1222.411021]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1222.411990] RIP: 0033:0x7f79e8f8cb19
[ 1222.412695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1222.416167] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1222.417607] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1222.418954] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1222.420305] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1222.421652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1222.423016] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1222.467553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.490034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.491430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.492707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.493970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.495262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.496488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.497707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.498945] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.500192] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.501417] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.502661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.503884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.505134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.506365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.507653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.511903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.517505] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.518893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.520054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.521190] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.522298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.530315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.531433] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.534354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.535481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.536685] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.537820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.538978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.550366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.551518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.553623] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.562248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.563401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.564977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.566092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.574347] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.575502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.576944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.578052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.579194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.580285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.589247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.590380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.591651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.592743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.593880] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.595031] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.596185] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.599979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.601479] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.602577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.603649] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.604723] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.605779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.606842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.607899] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1222.613423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
04:27:09 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={<r4=>r0, 0x80, 0x5, 0x3f})
openat(r4, &(0x7f00000001c0)='./file0\x00', 0x8000, 0x180)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f0000000200))

04:27:09 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:09 executing program 5:
creat(0x0, 0x2)
r0 = syz_io_uring_setup(0x68d4, &(0x7f0000000100)={0x0, 0x867e, 0x10, 0x0, 0x235}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000400), &(0x7f00000002c0))
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r2, 0x4018f50b, &(0x7f0000001b80)={0x1, 0x2})
syz_io_uring_setup(0x2807, &(0x7f0000000180)={0x0, 0x6246, 0x4, 0x1, 0x3a5}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080))
syz_io_uring_setup(0x4684, &(0x7f0000000300)={0x0, 0x9dc0, 0x20, 0x0, 0x2e8, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f0000001b00)=<r4=>0x0)
r5 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r6=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r5], 0x1}, 0x58)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r7}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r6, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r7}}, 0xae8b)
syz_io_uring_submit(r3, r4, &(0x7f0000001b40)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x2)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x24081, 0x0)
fcntl$dupfd(r8, 0x0, r0)
pwrite64(0xffffffffffffffff, &(0x7f0000000040)="f705636e78d7fe56dc785801c1639135f64ee7b44ea8862a6e57b093fb04375b3e0f873e7d29c115a4c23c962b433c021ece0cc82189b2e928912c82fb", 0x3d, 0x8)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x9, 0x4, 0x6, 0xfd, 0x0, 0x2, 0x20201, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, @perf_bp={&(0x7f0000000240), 0x1}, 0x40000, 0x1000, 0x0, 0x7, 0xffff, 0x0, 0x94e, 0x0, 0x6, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x6817f38971100a5c)
perf_event_open(&(0x7f0000001d80)={0x1, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x40, 0x8, 0x6, 0x2, 0x9, 0x2, 0x0, 0x7, 0x2a9, 0x40, 0x165, 0x400, 0x3, 0x38, 0x2, 0x8, 0xffff, 0xffff}, [{0x6474e551, 0x10001, 0x928, 0x20, 0x0, 0x7fffffff, 0x7fffffff, 0x8}, {0x70000000, 0x9, 0x7, 0xab, 0xe40, 0xfffffffffffffff9, 0x3, 0x6}], "8aa4f06ed6443f4119d9f3c26c5564e39b67cac8c8ff68551bf48868850335882a75bfeb4bc00eb8c35a1b31f9856eb814c09e8a6d3b6449f626043a2e18dcb0ce55c30941741415f25ec02e283140c1fc92294b694bb0405225463aafb2dfc6909a4f9f653d5480a136d0fb4cf8b2a0dc16d3e45c0d32a20d06d13f04ca0d5bc534122eb9215480150b52211abf786c8d6c2a382ca446dbd2c4f5da7d100425f7e7f6d081f61bb61b4e70711bb10a9e1caa481dd262040d8f27d10ebaed744bbd63df6fad0dec751d5a46b45c6f6d9cdc743062736a3bb8fd5a5ea06cdd12cee947b1e2edf6e00c528cbaa8bad223bc0b428bff941476f949b07636dcf0152a95bd46482fb567e87bcf391635618fbd9561b5b80e82de9e64f279c8a28144da15a8561cc482131b0a21ee47007c9007226e6c9e0e79ad721d9421d878d69eb443ff838145a784b711f2b3e24989c9a7cc9c1e28233cd804b6b912746bce340ae1dd042e41be173df814eab2490a2236d95c5598f5b126a13051b648229527f23aceb2dc0c8712034246d7b3ae6d6b7f741125e8e71c82c30c423ad5dc96313e3fd9e30d6efbf08a254d8a023a52493d8e937d6382366ec0841a23b86d2cc52d2c1d257f1ac9c016e6e2f2e5f2f1c9045a0ca7558d9068c7f01586a6fe7a57fe4c53e58813d09c464e80045f261da29e411a7ba8dd2cae762a2060109c5562e1036ad2592b42616a44b637519b004eea58ab78be17da8eb016e88b6983bf98fea61edc0a20a962ea7efd2eba71c671a9ba0461652ca91fe1500ed0d2b5a8f82f146abab86e30682ffb230bea0aecea96d2a3b0413f01dec946bee578eed489534cbd0af56c627ef1dda97c7ecad0b1d071aba5cd2da9133232817c70b67e924cac9847a1580369eafc4c82b0cd914e3cb3d858201771d10829468106cc8a1e39d4381b665cfb317521cc7162061d572ed068244d581f3b42b06b8739b41918dad7dd33e3a1d7b610f6541670b020cca1430002828c4d6ccd1cb721f7afff4d8e386d3b6076e2107dd24336a06677e7e46a778c112c5aab6f0a445b816f2a429a8638eafd9ff9e2c9c59b927cc2a7f37e8b4c87a4bc3050f19115c4f23f104c0c4d381a26cc0450ab0b5d9ce7d8f05b7473d6804f745b625f44dd9d9b9883955af16ce64e5c0cb5726d0ab78ba5d96403719f694fcde52ab2e0715ae7da2016805419ebe0f6a6e95a987fd51ada7d911fb5017519784b00e2e457721fff0eaac679c7c86a4f40c41e5420c87dec4685b5ba1936561b0676877e1d24fb866c45913c365a9dc79c29e3fbdc28ca8f9632ead5f3603ea334ffe72f3341dd313b27390bd596650b705d34579b1ed144d650f1362d752894c779e762ad9d3805d813076ff6dd0f0a9e50ae13f46bd0651b7ec2a05e55227df9a51dc00c18133798b527bd4e84fa0d1de4d1bc954695d3b868d02d049c6d330eb967e3e85300a887d4209cb1cba26e7c4637d384fbb6e40914a718f58da7b634cb40c091049b622feea7c8595e941f11a1b0e0493dc3b83b21d7746c14c47b0a83e093ce1b54e007bb686d44f995922e4f6e6817c3f5e8290a6f2bcdd803ba8457004223e858da727c373d910c96c3da357fdf1312e3e671b765cbda2df4136e21152d25f37e25e4769a2075d2a587833571aa8a072fe770031834ec77999fa6656fa1e055179e18e97fa7e0e9cda02126dd91acb20bade20b99e5b1a2c40f1fa38fb5d40bd44fd723fc8a7dcece2cfeb27534e45d6bc95315c6dfc716f580dba77af594fa375a835453fabbc4b21dae6fc6e9316f1e318ec78590e29bdd1a4960953c44cffbafec923fad60e73d44ea1eb0bbf9590421752818209e3358efda4a63eef57baab631984d1454550389c7b29d84f7326b124914581e556b8beecb80acf43bcaadeefad5a80f5f69b4bd5ed3487b254addfbd48647b4f5e9b5c5e31fe1842c0a0305343557a746f3a5070a30625ddf0ac14935e7ef0dbee181f1253a7a5c7daeaa667bcba8d2b1298901c9e18f1fe4b0995789e8e8398ac59f8bb13615e30571e24ffdf057321fcc6e408800feee77fb309430379f811dfa6118a0030b3503cbb21958a98461ad1bf105d43df7b07e51f81bd58cde16c1d4ead4a285319258e0e3d80fe451fd3965dd91a9bea2561e5f89cd8d6d2a475bfa68e71d959efa2b0ea05958c8d25b2748a64d777db7315b1513d2ffdec96c23897c05bdd2805d59325edd347c970efead3df740895d5859c5e0c535f338ab6976d2fd2fe472aa9c0b6903c771d1a6a34f78a8d39c3c413bd19e6556cb03acabcd9dc277c5b731cf26f264d0f422f87f9757310c1af3657fe3ee0c19db4e4c34eda9d9d34bf1f3617a6cf137ddaf486c53019293d51ac39a4166e588534014e676a49384a9745d3a3990a112f2552c331f57cddb209e2da6fa590c5a6d1c240a2387f397894321d7d0d5a2106775318db3be3c4e1fe31e47e7b223d1bd745f8ea22f6027e96b1ca4fd76dc926fad53e8675b6d0a1430bb9a88c753db28193e75d30483f7186083ac35fea2b70d150b30299a890dfb264aad37bb8365f2ad83fdeb57c6f106338b3d3064eaf5fc68473bf2b67bb7320665bac4fcb2f2fb5b5f24f32e199eba7ff2539120631a89eef46f1b94816cf5cea419bb3cf8ca4d01b4418069c10969d9811036808bf896786494e81187e12781b18ad447688ce915c12cd887327b6f08e8e12a9a1fa467efa3a23777718c70cfe926cd8cb60590fc04b3f741cd1340ca568e473061bb30629f7d9b330267cc2599a81835652759a64b16e8e43aedbca5cb37a9ff8e42b1146218af2a9223f9e6222c98190b89007533130fa5e376c87c60ccf14e2eef798f268817a3f941b60850cc3e5400c47aa9371987f20da31ff8352d7dd7c544325a390be4138d84f507d87edcca2ed9578e330692423b8d19302a165f51142dea535b9feff02b03e8b7b1dd354c3a76d312291b25c75900e8c55f459d9c0c9643f995c40284d7d841119e52dd5fadd145d04aeed802b2160af0fab2ba1595c09da828fce8cee03fc09a359623088069c2029ced10edcf5a6284dae3e8b17ce424f7136f6acfc8bcd9c762adc2efd013dd1258197535a656fe1b6cf48fd05427d7379f542c9f1569508105272cad872cbedc0d6c1b5dabc81ffdf5c09a7c05594a5226e36d1af054e02225af25b6196991fe484fc289fddd15ed489c998a51e83948e18614a239b9908b16a133d7d6812f8e769c2dab28a2b51343895ddf67f31aa7dc567055cd2d424d9e2f878931326157645c92d7aa16c817dea8547fdb964e891ce7c4ce905a70377711c98322d2a249e1fdce5017156f045cae5411dea92427fa907693d16d31a45fe70df17834b0826e68c9867cf039c5bed4507f17bbe7500173886110ad3d559d316e3e7a876e21a61454aebfe7724cd765fb0efe7cd1093e8ea38ca50261c73f9fe09ba47740831c079d836e823ccc1bf4cd26095901d18274adf6a19b24a2352730889ba2298b7820beeea87e43d1923ba8b8a51da52271f57ea33ed349d088c9070209ef6f0b7efe6ba096605dc9044f4a455b805934a180c733156eacfe141529508fe1e43efcd8c8e1b57983e6195ed2949307e3ce0c12d03013f5c84fbb5bbec207c19a66bdc53bab428ad30e84482f15cbe346c36f148724fba4fdea4477c25f08db0b829c2c8ca74458d7d104695ff7729c61c8d1f9a1c891ce1dbfd19a0355d659535b4081838337f16566d1ddbfd336aa8ee98d527c560b72f711449b9e7e596e491a5793b5c3ef29de676cfd82826b64dac9c0960480b2a89f23290cb13585d18efb246455fc8c8dc7c00ddd3cec32e870d5471f8c755cb094da1ff8537bf84f2a4cbf5a77600dac8c1f55ef3cc549394b518861ef9f2d69187867b64428216820411081e34dfda05824b4717b83e72de6837ae8ce335d7028c076c63f1a583893b24d16b56d89148919f2a4e67e78671884922978dd4b06fb880e460b59c052e4f13b276f7cf832f3bd0f56d8c41c5113c0492be02c0023acf8bdaaff497f5ce28f13319d840210924587dd0113484224ed08b1cec661d5e4ee7337413678a12bd865ffa4c96a47e261492e796b48f10130b2b1d750b17a3e04965866f1069702f345202a266cd389d6ba981a7914a7f766011b62451e5f6156793681a5540daebcc78fe61c9521adfbd27e1e90dfa9f9888c9af7276abe3227a81bcfb420e26adf3e10a50866957552ae6f776b36df9f2bbf48bc870d4a022a51c32db74db75af166dc0faf879fb6f0de62c442a5f3715ed0b40d88505f6897c4940c1ffb27b0038a176c3cb5993d43b544ed48735a091526fb0d5609aeb6bf40232c8220a1f391a45117215b8fd78ec4b7feb176657555e7bacaad4f42027b871759e2b38c5c92bfb4cc778c5decb14807ef5ac9d990830fda65b2f3af0fa65bb12e91f52c8021c5d093843fe4bcfe4c45cbd43d5c7038ea362fb7bf33979ebd08f1812ce257bff5ed5c1ada8588c34dc66e32d54d5b7207cc4525cb69bdce4d7cf82355202a94928ec3a69ef63165c0d82df442b6d680b5695778eab3e17e96d6d3f5ea3204390a0f1e2f18d025040568ee055fafcbf831ba67b07a5da6b9ed4deed0d980faf7bf750cabb0ecb26f28d446991c28811b886a5cc25726c2e0fc8f98491433ee95c225b19a16181f767500813e076cfdf822168dc8ec4a745c3b09bfe5979da7c9709d5b1a0395ce0cae7de975bb6cf37bf394f0448b73073e4409df201996a785d7ca08c84ea766b6ec029b410f9a10d67a8de729e7b41e6378872248925d8bde99c547efc67dc8014a422fa6f90db1134a3eaedf8a3b6dca44579e8c26224dac5f5ab227e9b2f0a6f596cd0ed240a3a0ead6195c3d877d456d4d0fee8fb7dc6ea3a45147365daf45ac4f8f40657a0d32456155247b83e4a49d010ea6966d8f3c7f5a33c2bfcc142bad10411be6eb62b6ebe25fd0a957d5bc5d6b59f49d61a210185ce1d4840434605207c70378d1e7fc1321ba2b0a12422ba5a9799ba7cae449ab6e87f1e40422955e1b2078f20dbc7a30ba4d1c594840c89144b5a220714c3b09c81ff35d619c23ccb274f6c537c966122c25696505c01fd0dc34362d155e5958034377e34164e5a1094b84138af5773ae5535827b63f2a4bf8219768c09e9beee7c99dc324f7d3a765d096a39c72b2daa71c509d7d3c092477c45048ec9f56656160096e61c93281430814f19b7734662a070269ec2d77be4e78819a2ed26355b74da6ba2a38c54d5da7d9c7203aec48095745f645040bf6dae1856de69bd303d9e59409388130ea68d64c0206a57a73ae12f2f6566bd2339f916efe3daa58a347fc3a55311b2382cb9e2f42f8d3aadd5e81ac3d41d281dd4a2a1d23a265798bd6c859213c770204d39ebc517e4a9ab203e672a4c583b86b31100aaaf747c78a4ee965ec7e4d4530804a1551eb697ef670799951031b8a70ba834d76bf2e88db1ed7d6561775e8f31676505eaf31e6c4b5c59a9ea62160753a5260b80220b89ceb806970472cb42bcc37280365b8c0b27cafb5e7378133dc664b68344a66e25036c11fe66c89eb860dec80bc3b6892ea55a5eb7d76a00d3b616322ab99214efe6ef256aad0a2197a598f881baa054df03ce1355bd98db04d70a53a3652fed4b190f81dc2bf474e4d2681da921efae512b2b86fd07603c68888f5fd6e50b305d426d5fca4e6fd606800ad63afa2de95", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x16b0)
fork()

04:27:09 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

04:27:09 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0xc}, 0x2049}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = dup3(r0, r1, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x36, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x14}, 0x14}}, 0x20000844)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
sendfile(r3, r4, &(0x7f0000000140)=0x7, 0x3ff)

04:27:09 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:09 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

04:27:09 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1236.793091] FAULT_INJECTION: forcing a failure.
[ 1236.793091] name failslab, interval 1, probability 0, space 0, times 0
[ 1236.795772] CPU: 1 PID: 8305 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1236.797168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1236.798967] Call Trace:
[ 1236.799507]  dump_stack+0x107/0x167
[ 1236.800253]  should_fail.cold+0x5/0xa
[ 1236.801036]  ? create_object.isra.0+0x3a/0xa20
[ 1236.801982]  should_failslab+0x5/0x20
[ 1236.802774]  kmem_cache_alloc+0x5b/0x310
[ 1236.803608]  ? mark_held_locks+0x9e/0xe0
[ 1236.804445]  create_object.isra.0+0x3a/0xa20
[ 1236.805353]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1236.806421]  kmem_cache_alloc_bulk+0x168/0x320
[ 1236.807371]  io_submit_sqes+0x6f76/0x85c0
[ 1236.808266]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1236.808908] FAULT_INJECTION: forcing a failure.
[ 1236.808908] name failslab, interval 1, probability 0, space 0, times 0
[ 1236.809282]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1236.809309]  ? lock_downgrade+0x6d0/0x6d0
[ 1236.812400]  ? find_held_lock+0x2c/0x110
[ 1236.813242]  ? io_submit_sqes+0x85c0/0x85c0
[ 1236.814139]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1236.815135]  ? wait_for_completion_io+0x270/0x270
[ 1236.816123]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1236.817065]  ? vfs_write+0x354/0xa70
[ 1236.817826]  ? fput_many+0x2f/0x1a0
[ 1236.818580]  ? ksys_write+0x1a9/0x260
[ 1236.819357]  ? __ia32_sys_read+0xb0/0xb0
[ 1236.820188]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1236.821255]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1236.822310]  do_syscall_64+0x33/0x40
[ 1236.823084]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1236.824128] RIP: 0033:0x7f06e6057b19
[ 1236.824895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1236.828636] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1236.830172] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1236.831634] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1236.833075] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1236.834542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1236.835984] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1236.837456] CPU: 0 PID: 8314 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1236.838380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1236.839376] Call Trace:
[ 1236.839698]  dump_stack+0x107/0x167
[ 1236.840137]  should_fail.cold+0x5/0xa
[ 1236.840591]  should_failslab+0x5/0x20
[ 1236.841046]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1236.841593]  io_submit_sqes+0x6f76/0x85c0
[ 1236.842104]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1236.842697]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1236.843281]  ? lock_downgrade+0x6d0/0x6d0
[ 1236.843777]  ? find_held_lock+0x2c/0x110
[ 1236.844264]  ? io_submit_sqes+0x85c0/0x85c0
[ 1236.844790]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1236.845392]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1236.846044]  ? trace_hardirqs_on+0x5b/0x180
[ 1236.846557]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1236.847210]  ? fput+0x9/0x20
[ 1236.847565]  ? __sanitizer_cov_trace_pc+0x30/0x60
[ 1236.848142]  ? fput_many+0x2f/0x1a0
[ 1236.848554]  ? ksys_write+0x1a9/0x260
[ 1236.849009]  ? __ia32_sys_read+0xb0/0xb0
[ 1236.849471]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1236.850095]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1236.850684]  do_syscall_64+0x33/0x40
[ 1236.851131]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1236.851703] RIP: 0033:0x7f79e8f8cb19
[ 1236.852145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1236.854216] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1236.855152] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1236.856000] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1236.856857] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1236.857704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1236.858568] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:27:09 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext={0x80000}, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$AUTOFS_IOC_SETTIMEOUT(r5, 0x80049367, &(0x7f0000000040)=0x1ff)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:09 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_bp={&(0x7f0000000140), 0x8}, 0xdd48a83c10608be0, 0x0, 0x0, 0x2, 0x5, 0x1000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x45ae, 0x0, 0x2, 0x3b2, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000380), 0x10000, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd=r4, 0x7ff, 0x0, 0x400, 0x4, 0x1}, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000280)=@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}}, 0x0)
io_uring_enter(r0, 0x76d2, 0x0, 0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
creat(&(0x7f0000000240)='./file1\x00', 0xc1)
write$binfmt_elf64(r5, &(0x7f0000000100)=ANY=[], 0xfdef)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x230}, {r6}, {0xffffffffffffffff, 0x4}, {r5, 0x408}, {r5, 0x108}], 0x5, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)={[0x8]}, 0x8)
fallocate(r5, 0x8, 0x0, 0x8000)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r6, 0x80286722, &(0x7f0000000300)={&(0x7f00000001c0)=""/89, 0x59, 0x80000001, 0x6})
openat(r5, &(0x7f0000000180)='./file0\x00', 0x351201, 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)

04:27:09 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:09 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:22 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

04:27:22 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r3, {0x3}}, './file0\x00'})
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x20, 0x7f, 0x2, 0x20, 0x0, 0x5, 0x281fe6fc4c9fcc40, 0xb, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200, 0x8}, 0x40c7, 0x2, 0x9, 0x8, 0x0, 0x4, 0x640, 0x0, 0xfffffffd, 0x0, 0x9}, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x2)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:22 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000140), 0x8}, 0xdd48a83c10608be0, 0x0, 0x0, 0x2, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r0, 0x80, &(0x7f0000000280)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}}, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000008, 0x10, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0xa084}}, 0x20)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x40f0050, 0xffffffffffffffff, 0x10000000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000440)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(0xffffffffffffffff, r4)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x0, @fd=r2, 0xff, 0x9, 0xfe, 0x1d, 0x1, {0x3, r3}}, 0xcc9e)
io_uring_enter(0xffffffffffffffff, 0x76d2, 0x0, 0x0, 0x0, 0x0)
r5 = creat(&(0x7f0000000380)='./file0\x00', 0x28)
write$binfmt_elf64(r5, &(0x7f0000000100)=ANY=[], 0xfdef)

04:27:22 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

04:27:22 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:22 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:22 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:22 executing program 5:
creat(0x0, 0x2)
r0 = syz_io_uring_setup(0x68d4, &(0x7f0000000100)={0x0, 0x867e, 0x10, 0x0, 0x235}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000400), &(0x7f00000002c0))
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r2, 0x4018f50b, &(0x7f0000001b80)={0x1, 0x2})
syz_io_uring_setup(0x2807, &(0x7f0000000180)={0x0, 0x6246, 0x4, 0x1, 0x3a5}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080))
syz_io_uring_setup(0x4684, &(0x7f0000000300)={0x0, 0x9dc0, 0x20, 0x0, 0x2e8, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f0000001b00)=<r4=>0x0)
r5 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r6=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r5], 0x1}, 0x58)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r7}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r6, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r7}}, 0xae8b)
syz_io_uring_submit(r3, r4, &(0x7f0000001b40)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x2)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x24081, 0x0)
fcntl$dupfd(r8, 0x0, r0)
pwrite64(0xffffffffffffffff, &(0x7f0000000040)="f705636e78d7fe56dc785801c1639135f64ee7b44ea8862a6e57b093fb04375b3e0f873e7d29c115a4c23c962b433c021ece0cc82189b2e928912c82fb", 0x3d, 0x8)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x9, 0x4, 0x6, 0xfd, 0x0, 0x2, 0x20201, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, @perf_bp={&(0x7f0000000240), 0x1}, 0x40000, 0x1000, 0x0, 0x7, 0xffff, 0x0, 0x94e, 0x0, 0x6, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x6817f38971100a5c)
perf_event_open(&(0x7f0000001d80)={0x1, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x40, 0x8, 0x6, 0x2, 0x9, 0x2, 0x0, 0x7, 0x2a9, 0x40, 0x165, 0x400, 0x3, 0x38, 0x2, 0x8, 0xffff, 0xffff}, [{0x6474e551, 0x10001, 0x928, 0x20, 0x0, 0x7fffffff, 0x7fffffff, 0x8}, {0x70000000, 0x9, 0x7, 0xab, 0xe40, 0xfffffffffffffff9, 0x3, 0x6}], "8aa4f06ed6443f4119d9f3c26c5564e39b67cac8c8ff68551bf48868850335882a75bfeb4bc00eb8c35a1b31f9856eb814c09e8a6d3b6449f626043a2e18dcb0ce55c30941741415f25ec02e283140c1fc92294b694bb0405225463aafb2dfc6909a4f9f653d5480a136d0fb4cf8b2a0dc16d3e45c0d32a20d06d13f04ca0d5bc534122eb9215480150b52211abf786c8d6c2a382ca446dbd2c4f5da7d100425f7e7f6d081f61bb61b4e70711bb10a9e1caa481dd262040d8f27d10ebaed744bbd63df6fad0dec751d5a46b45c6f6d9cdc743062736a3bb8fd5a5ea06cdd12cee947b1e2edf6e00c528cbaa8bad223bc0b428bff941476f949b07636dcf0152a95bd46482fb567e87bcf391635618fbd9561b5b80e82de9e64f279c8a28144da15a8561cc482131b0a21ee47007c9007226e6c9e0e79ad721d9421d878d69eb443ff838145a784b711f2b3e24989c9a7cc9c1e28233cd804b6b912746bce340ae1dd042e41be173df814eab2490a2236d95c5598f5b126a13051b648229527f23aceb2dc0c8712034246d7b3ae6d6b7f741125e8e71c82c30c423ad5dc96313e3fd9e30d6efbf08a254d8a023a52493d8e937d6382366ec0841a23b86d2cc52d2c1d257f1ac9c016e6e2f2e5f2f1c9045a0ca7558d9068c7f01586a6fe7a57fe4c53e58813d09c464e80045f261da29e411a7ba8dd2cae762a2060109c5562e1036ad2592b42616a44b637519b004eea58ab78be17da8eb016e88b6983bf98fea61edc0a20a962ea7efd2eba71c671a9ba0461652ca91fe1500ed0d2b5a8f82f146abab86e30682ffb230bea0aecea96d2a3b0413f01dec946bee578eed489534cbd0af56c627ef1dda97c7ecad0b1d071aba5cd2da9133232817c70b67e924cac9847a1580369eafc4c82b0cd914e3cb3d858201771d10829468106cc8a1e39d4381b665cfb317521cc7162061d572ed068244d581f3b42b06b8739b41918dad7dd33e3a1d7b610f6541670b020cca1430002828c4d6ccd1cb721f7afff4d8e386d3b6076e2107dd24336a06677e7e46a778c112c5aab6f0a445b816f2a429a8638eafd9ff9e2c9c59b927cc2a7f37e8b4c87a4bc3050f19115c4f23f104c0c4d381a26cc0450ab0b5d9ce7d8f05b7473d6804f745b625f44dd9d9b9883955af16ce64e5c0cb5726d0ab78ba5d96403719f694fcde52ab2e0715ae7da2016805419ebe0f6a6e95a987fd51ada7d911fb5017519784b00e2e457721fff0eaac679c7c86a4f40c41e5420c87dec4685b5ba1936561b0676877e1d24fb866c45913c365a9dc79c29e3fbdc28ca8f9632ead5f3603ea334ffe72f3341dd313b27390bd596650b705d34579b1ed144d650f1362d752894c779e762ad9d3805d813076ff6dd0f0a9e50ae13f46bd0651b7ec2a05e55227df9a51dc00c18133798b527bd4e84fa0d1de4d1bc954695d3b868d02d049c6d330eb967e3e85300a887d4209cb1cba26e7c4637d384fbb6e40914a718f58da7b634cb40c091049b622feea7c8595e941f11a1b0e0493dc3b83b21d7746c14c47b0a83e093ce1b54e007bb686d44f995922e4f6e6817c3f5e8290a6f2bcdd803ba8457004223e858da727c373d910c96c3da357fdf1312e3e671b765cbda2df4136e21152d25f37e25e4769a2075d2a587833571aa8a072fe770031834ec77999fa6656fa1e055179e18e97fa7e0e9cda02126dd91acb20bade20b99e5b1a2c40f1fa38fb5d40bd44fd723fc8a7dcece2cfeb27534e45d6bc95315c6dfc716f580dba77af594fa375a835453fabbc4b21dae6fc6e9316f1e318ec78590e29bdd1a4960953c44cffbafec923fad60e73d44ea1eb0bbf9590421752818209e3358efda4a63eef57baab631984d1454550389c7b29d84f7326b124914581e556b8beecb80acf43bcaadeefad5a80f5f69b4bd5ed3487b254addfbd48647b4f5e9b5c5e31fe1842c0a0305343557a746f3a5070a30625ddf0ac14935e7ef0dbee181f1253a7a5c7daeaa667bcba8d2b1298901c9e18f1fe4b0995789e8e8398ac59f8bb13615e30571e24ffdf057321fcc6e408800feee77fb309430379f811dfa6118a0030b3503cbb21958a98461ad1bf105d43df7b07e51f81bd58cde16c1d4ead4a285319258e0e3d80fe451fd3965dd91a9bea2561e5f89cd8d6d2a475bfa68e71d959efa2b0ea05958c8d25b2748a64d777db7315b1513d2ffdec96c23897c05bdd2805d59325edd347c970efead3df740895d5859c5e0c535f338ab6976d2fd2fe472aa9c0b6903c771d1a6a34f78a8d39c3c413bd19e6556cb03acabcd9dc277c5b731cf26f264d0f422f87f9757310c1af3657fe3ee0c19db4e4c34eda9d9d34bf1f3617a6cf137ddaf486c53019293d51ac39a4166e588534014e676a49384a9745d3a3990a112f2552c331f57cddb209e2da6fa590c5a6d1c240a2387f397894321d7d0d5a2106775318db3be3c4e1fe31e47e7b223d1bd745f8ea22f6027e96b1ca4fd76dc926fad53e8675b6d0a1430bb9a88c753db28193e75d30483f7186083ac35fea2b70d150b30299a890dfb264aad37bb8365f2ad83fdeb57c6f106338b3d3064eaf5fc68473bf2b67bb7320665bac4fcb2f2fb5b5f24f32e199eba7ff2539120631a89eef46f1b94816cf5cea419bb3cf8ca4d01b4418069c10969d9811036808bf896786494e81187e12781b18ad447688ce915c12cd887327b6f08e8e12a9a1fa467efa3a23777718c70cfe926cd8cb60590fc04b3f741cd1340ca568e473061bb30629f7d9b330267cc2599a81835652759a64b16e8e43aedbca5cb37a9ff8e42b1146218af2a9223f9e6222c98190b89007533130fa5e376c87c60ccf14e2eef798f268817a3f941b60850cc3e5400c47aa9371987f20da31ff8352d7dd7c544325a390be4138d84f507d87edcca2ed9578e330692423b8d19302a165f51142dea535b9feff02b03e8b7b1dd354c3a76d312291b25c75900e8c55f459d9c0c9643f995c40284d7d841119e52dd5fadd145d04aeed802b2160af0fab2ba1595c09da828fce8cee03fc09a359623088069c2029ced10edcf5a6284dae3e8b17ce424f7136f6acfc8bcd9c762adc2efd013dd1258197535a656fe1b6cf48fd05427d7379f542c9f1569508105272cad872cbedc0d6c1b5dabc81ffdf5c09a7c05594a5226e36d1af054e02225af25b6196991fe484fc289fddd15ed489c998a51e83948e18614a239b9908b16a133d7d6812f8e769c2dab28a2b51343895ddf67f31aa7dc567055cd2d424d9e2f878931326157645c92d7aa16c817dea8547fdb964e891ce7c4ce905a70377711c98322d2a249e1fdce5017156f045cae5411dea92427fa907693d16d31a45fe70df17834b0826e68c9867cf039c5bed4507f17bbe7500173886110ad3d559d316e3e7a876e21a61454aebfe7724cd765fb0efe7cd1093e8ea38ca50261c73f9fe09ba47740831c079d836e823ccc1bf4cd26095901d18274adf6a19b24a2352730889ba2298b7820beeea87e43d1923ba8b8a51da52271f57ea33ed349d088c9070209ef6f0b7efe6ba096605dc9044f4a455b805934a180c733156eacfe141529508fe1e43efcd8c8e1b57983e6195ed2949307e3ce0c12d03013f5c84fbb5bbec207c19a66bdc53bab428ad30e84482f15cbe346c36f148724fba4fdea4477c25f08db0b829c2c8ca74458d7d104695ff7729c61c8d1f9a1c891ce1dbfd19a0355d659535b4081838337f16566d1ddbfd336aa8ee98d527c560b72f711449b9e7e596e491a5793b5c3ef29de676cfd82826b64dac9c0960480b2a89f23290cb13585d18efb246455fc8c8dc7c00ddd3cec32e870d5471f8c755cb094da1ff8537bf84f2a4cbf5a77600dac8c1f55ef3cc549394b518861ef9f2d69187867b64428216820411081e34dfda05824b4717b83e72de6837ae8ce335d7028c076c63f1a583893b24d16b56d89148919f2a4e67e78671884922978dd4b06fb880e460b59c052e4f13b276f7cf832f3bd0f56d8c41c5113c0492be02c0023acf8bdaaff497f5ce28f13319d840210924587dd0113484224ed08b1cec661d5e4ee7337413678a12bd865ffa4c96a47e261492e796b48f10130b2b1d750b17a3e04965866f1069702f345202a266cd389d6ba981a7914a7f766011b62451e5f6156793681a5540daebcc78fe61c9521adfbd27e1e90dfa9f9888c9af7276abe3227a81bcfb420e26adf3e10a50866957552ae6f776b36df9f2bbf48bc870d4a022a51c32db74db75af166dc0faf879fb6f0de62c442a5f3715ed0b40d88505f6897c4940c1ffb27b0038a176c3cb5993d43b544ed48735a091526fb0d5609aeb6bf40232c8220a1f391a45117215b8fd78ec4b7feb176657555e7bacaad4f42027b871759e2b38c5c92bfb4cc778c5decb14807ef5ac9d990830fda65b2f3af0fa65bb12e91f52c8021c5d093843fe4bcfe4c45cbd43d5c7038ea362fb7bf33979ebd08f1812ce257bff5ed5c1ada8588c34dc66e32d54d5b7207cc4525cb69bdce4d7cf82355202a94928ec3a69ef63165c0d82df442b6d680b5695778eab3e17e96d6d3f5ea3204390a0f1e2f18d025040568ee055fafcbf831ba67b07a5da6b9ed4deed0d980faf7bf750cabb0ecb26f28d446991c28811b886a5cc25726c2e0fc8f98491433ee95c225b19a16181f767500813e076cfdf822168dc8ec4a745c3b09bfe5979da7c9709d5b1a0395ce0cae7de975bb6cf37bf394f0448b73073e4409df201996a785d7ca08c84ea766b6ec029b410f9a10d67a8de729e7b41e6378872248925d8bde99c547efc67dc8014a422fa6f90db1134a3eaedf8a3b6dca44579e8c26224dac5f5ab227e9b2f0a6f596cd0ed240a3a0ead6195c3d877d456d4d0fee8fb7dc6ea3a45147365daf45ac4f8f40657a0d32456155247b83e4a49d010ea6966d8f3c7f5a33c2bfcc142bad10411be6eb62b6ebe25fd0a957d5bc5d6b59f49d61a210185ce1d4840434605207c70378d1e7fc1321ba2b0a12422ba5a9799ba7cae449ab6e87f1e40422955e1b2078f20dbc7a30ba4d1c594840c89144b5a220714c3b09c81ff35d619c23ccb274f6c537c966122c25696505c01fd0dc34362d155e5958034377e34164e5a1094b84138af5773ae5535827b63f2a4bf8219768c09e9beee7c99dc324f7d3a765d096a39c72b2daa71c509d7d3c092477c45048ec9f56656160096e61c93281430814f19b7734662a070269ec2d77be4e78819a2ed26355b74da6ba2a38c54d5da7d9c7203aec48095745f645040bf6dae1856de69bd303d9e59409388130ea68d64c0206a57a73ae12f2f6566bd2339f916efe3daa58a347fc3a55311b2382cb9e2f42f8d3aadd5e81ac3d41d281dd4a2a1d23a265798bd6c859213c770204d39ebc517e4a9ab203e672a4c583b86b31100aaaf747c78a4ee965ec7e4d4530804a1551eb697ef670799951031b8a70ba834d76bf2e88db1ed7d6561775e8f31676505eaf31e6c4b5c59a9ea62160753a5260b80220b89ceb806970472cb42bcc37280365b8c0b27cafb5e7378133dc664b68344a66e25036c11fe66c89eb860dec80bc3b6892ea55a5eb7d76a00d3b616322ab99214efe6ef256aad0a2197a598f881baa054df03ce1355bd98db04d70a53a3652fed4b190f81dc2bf474e4d2681da921efae512b2b86fd07603c68888f5fd6e50b305d426d5fca4e6fd606800ad63afa2de95", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x16b0)
fork()

[ 1250.033874] FAULT_INJECTION: forcing a failure.
[ 1250.033874] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.035598] CPU: 0 PID: 8344 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1250.036414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.037392] Call Trace:
[ 1250.037675] FAULT_INJECTION: forcing a failure.
[ 1250.037675] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.037707]  dump_stack+0x107/0x167
[ 1250.037730]  should_fail.cold+0x5/0xa
[ 1250.040867]  ? create_object.isra.0+0x3a/0xa20
[ 1250.041423]  should_failslab+0x5/0x20
[ 1250.041881]  kmem_cache_alloc+0x5b/0x310
[ 1250.042381]  create_object.isra.0+0x3a/0xa20
[ 1250.042948]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1250.043576]  kmem_cache_alloc_bulk+0x168/0x320
[ 1250.044140]  io_submit_sqes+0x6f76/0x85c0
[ 1250.044706]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.045343]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.045958]  ? lock_downgrade+0x6d0/0x6d0
[ 1250.046492]  ? find_held_lock+0x2c/0x110
[ 1250.047021]  ? io_submit_sqes+0x85c0/0x85c0
[ 1250.047580]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1250.048192]  ? wait_for_completion_io+0x270/0x270
[ 1250.048807]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1250.049404]  ? vfs_write+0x354/0xa70
[ 1250.049876]  ? fput_many+0x2f/0x1a0
[ 1250.050338]  ? ksys_write+0x1a9/0x260
[ 1250.050803]  ? __ia32_sys_read+0xb0/0xb0
[ 1250.051310]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1250.051934]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1250.052571]  do_syscall_64+0x33/0x40
[ 1250.053014]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1250.053630] RIP: 0033:0x7f79e8f8cb19
[ 1250.054065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.056310] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1250.057265] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1250.058151] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1250.059056] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1250.059898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1250.060784] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1250.061735] CPU: 1 PID: 8340 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1250.063126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.064767] Call Trace:
[ 1250.065297]  dump_stack+0x107/0x167
[ 1250.066032]  should_fail.cold+0x5/0xa
[ 1250.066823]  ? create_object.isra.0+0x3a/0xa20
[ 1250.067747]  should_failslab+0x5/0x20
[ 1250.068513]  kmem_cache_alloc+0x5b/0x310
[ 1250.069330]  ? mark_held_locks+0x9e/0xe0
[ 1250.070143]  create_object.isra.0+0x3a/0xa20
[ 1250.071032]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1250.072078]  kmem_cache_alloc_bulk+0x168/0x320
[ 1250.072997]  io_submit_sqes+0x6f76/0x85c0
[ 1250.073874]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.074890]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.075879]  ? lock_downgrade+0x6d0/0x6d0
[ 1250.076706]  ? find_held_lock+0x2c/0x110
[ 1250.077538]  ? io_submit_sqes+0x85c0/0x85c0
[ 1250.078412]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1250.079384]  ? wait_for_completion_io+0x270/0x270
[ 1250.080368]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1250.081294]  ? vfs_write+0x354/0xa70
[ 1250.082059]  ? fput_many+0x2f/0x1a0
[ 1250.082794]  ? ksys_write+0x1a9/0x260
[ 1250.083571]  ? __ia32_sys_read+0xb0/0xb0
[ 1250.084400]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1250.085462]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1250.086533]  do_syscall_64+0x33/0x40
[ 1250.087289]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1250.088333] RIP: 0033:0x7f06e6057b19
[ 1250.089091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.092829] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1250.094373] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1250.095832] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1250.097279] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1250.098744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1250.100193] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:27:23 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:23 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

04:27:23 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000340)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[])
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="3d97a0905887314ff9ffaca81fd2334d414c590f3e49a89b85c5bb5a2a7187d647d6c99898521b4b99854aacb7316a380294b8a387e675aaf932", 0x3a, 0x1}], 0x101000, &(0x7f0000000180)={[{@mpol={'mpol', 0x3d, {'default', '', @void}}}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74]}}, {@size}, {@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}, {@huge_within_size}, {@nr_blocks={'nr_blocks', 0x3d, [0x38, 0x67, 0x19]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x6b, 0x78, 0x39, 0x38, 0x67, 0x2d, 0x2d, 0x6d]}}, {@mode={'mode', 0x3d, 0x100000000}}], [{@seclabel}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}]})
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x3ff)

04:27:23 executing program 1:
r0 = syz_io_uring_setup(0x1b50, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1250.274555] FAULT_INJECTION: forcing a failure.
[ 1250.274555] name failslab, interval 1, probability 0, space 0, times 0
04:27:23 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1250.275945] CPU: 0 PID: 8366 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1250.276802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1250.277700] Call Trace:
[ 1250.277999]  dump_stack+0x107/0x167
[ 1250.278419]  should_fail.cold+0x5/0xa
[ 1250.278859]  ? create_object.isra.0+0x3a/0xa20
[ 1250.279364]  should_failslab+0x5/0x20
[ 1250.279781]  kmem_cache_alloc+0x5b/0x310
[ 1250.280236]  ? mark_held_locks+0x9e/0xe0
[ 1250.280692]  create_object.isra.0+0x3a/0xa20
[ 1250.281180]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1250.281736]  kmem_cache_alloc_bulk+0x168/0x320
[ 1250.282253]  io_submit_sqes+0x6f76/0x85c0
[ 1250.282742]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.283297]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1250.283827]  ? lock_downgrade+0x6d0/0x6d0
[ 1250.284293]  ? find_held_lock+0x2c/0x110
[ 1250.284759]  ? io_submit_sqes+0x85c0/0x85c0
[ 1250.285264]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1250.285820]  ? wait_for_completion_io+0x270/0x270
[ 1250.286385]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1250.287001]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1250.287616]  ? trace_hardirqs_on+0x5b/0x180
[ 1250.288124]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1250.288746]  ? __io_uring_cancel+0x20/0x20
[ 1250.289238]  do_syscall_64+0x33/0x40
[ 1250.289663]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1250.290244] RIP: 0033:0x7f79e8f8cb19
[ 1250.290682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1250.292760] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1250.293619] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1250.294426] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1250.295240] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1250.296045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1250.296854] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:27:23 executing program 2:
r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000440)={0x0, "9b55f610ffe7b9856842eb69443042b20caac33d7dda6ec6986b177fa13c2bd2c68577ea852c8bb47f31ee549b6a921e231ef07ee0f7fca620564faeeeafa440"}, 0x48, 0x0)
getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000004c0)={@multicast1, @broadcast}, &(0x7f0000000500)=0x8)
r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @auto=[0x37, 0x61, 0x31, 0x36, 0x32, 0x61, 0x64, 0x61, 0x66, 0x68, 0x62, 0x35, 0x34, 0x31, 0x32]}, &(0x7f0000000640)={0x0, "f0129584e72cdc5f58ff7843606d9563719b9c6d4cfe30f47a7f1685ba5e77f13f15983cd53213806e78e42bdfad24967f633de9f4331681ba75234359307a0f", 0x25}, 0x48, r0)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(0xffffffffffffffff, 0x8010671f, &(0x7f0000000200)={&(0x7f00000006c0)=""/110, 0x6e})
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r1)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$user(&(0x7f0000000a40), &(0x7f0000000a80)={'syz', 0x1}, &(0x7f0000000300)="a3", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', r3, 0xa})
request_key(&(0x7f0000000240)='.request_key_auth\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r2)
add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000001020b0405060708090a0b0c0d0e0f101112131415161718191a1bc4451e1f202122232425262728292a2b32333435363703c8081953e7c5383b3a3b3c3d3e3f40000000000000ddfbc5952218e6931dc2271b57091fba5a5a641d8789925bd68f10e11cc699472203b8d678e3f930"], 0x48, r0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x800)
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000400)={'HL\x00'}, &(0x7f0000000600)=0x1e)
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

04:27:23 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:23 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:36 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r6, {0x5}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:36 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

04:27:36 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:36 executing program 5:
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@private, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@private1}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3fffffc, 0x2, &(0x7f0000000140)=[{&(0x7f0000010000)="601c6d6b646f736642a3c400088001000440000004f801", 0x17}, {0x0, 0x0, 0x800}], 0x0, &(0x7f0000000080)={[{@utf8}], [{@euid_lt={'euid<', r0}}]})

04:27:36 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

04:27:36 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/llc/core\x00')
syz_open_procfs$userns(0x0, &(0x7f0000000000))

04:27:36 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1263.253594] FAT-fs (loop5): Unrecognized mount option "euid<00000000000000000000" or missing value
[ 1263.255956] FAULT_INJECTION: forcing a failure.
[ 1263.255956] name failslab, interval 1, probability 0, space 0, times 0
[ 1263.257484] CPU: 0 PID: 8408 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1263.258240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1263.259152] Call Trace:
[ 1263.259487]  dump_stack+0x107/0x167
[ 1263.259917]  should_fail.cold+0x5/0xa
[ 1263.260377]  ? create_object.isra.0+0x3a/0xa20
[ 1263.260920]  should_failslab+0x5/0x20
[ 1263.261374]  kmem_cache_alloc+0x5b/0x310
[ 1263.261876]  ? mark_held_locks+0x9e/0xe0
[ 1263.262373]  create_object.isra.0+0x3a/0xa20
[ 1263.262921]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1263.263535]  kmem_cache_alloc_bulk+0x168/0x320
[ 1263.264050]  io_submit_sqes+0x6f76/0x85c0
[ 1263.264567]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.265161]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.265720]  ? lock_downgrade+0x6d0/0x6d0
[ 1263.266240]  ? find_held_lock+0x2c/0x110
[ 1263.266767]  ? io_submit_sqes+0x85c0/0x85c0
[ 1263.267312]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1263.267907]  ? wait_for_completion_io+0x270/0x270
[ 1263.268518]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1263.269105]  ? vfs_write+0x354/0xa70
[ 1263.269585]  ? fput_many+0x2f/0x1a0
[ 1263.270036]  ? ksys_write+0x1a9/0x260
[ 1263.270521]  ? __ia32_sys_read+0xb0/0xb0
[ 1263.271032]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1263.271694]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1263.272336]  do_syscall_64+0x33/0x40
[ 1263.272796]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1263.273430] RIP: 0033:0x7f06e6057b19
[ 1263.273851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1263.276187] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1263.277146] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1263.278034] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1263.278922] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.279816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1263.280706] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1263.288876] FAULT_INJECTION: forcing a failure.
[ 1263.288876] name failslab, interval 1, probability 0, space 0, times 0
[ 1263.291744] CPU: 1 PID: 8399 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1263.293128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1263.294798] Call Trace:
[ 1263.295333]  dump_stack+0x107/0x167
[ 1263.296067]  should_fail.cold+0x5/0xa
[ 1263.296839]  should_failslab+0x5/0x20
[ 1263.297598]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1263.298501]  io_submit_sqes+0x6f76/0x85c0
[ 1263.299416]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.300446]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.301425]  ? lock_downgrade+0x6d0/0x6d0
[ 1263.302266]  ? find_held_lock+0x2c/0x110
[ 1263.303111]  ? io_submit_sqes+0x85c0/0x85c0
[ 1263.303999]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1263.304985]  ? wait_for_completion_io+0x270/0x270
[ 1263.305972]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1263.306937]  ? vfs_write+0x354/0xa70
[ 1263.307696]  ? fput_many+0x2f/0x1a0
[ 1263.308437]  ? ksys_write+0x1a9/0x260
[ 1263.309225]  ? __ia32_sys_read+0xb0/0xb0
[ 1263.310066]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1263.311168]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1263.312235]  do_syscall_64+0x33/0x40
[ 1263.313002]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1263.314065] RIP: 0033:0x7f79e8f8cb19
[ 1263.314844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1263.318534] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1263.320078] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1263.321505] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1263.322968] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.324441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1263.325889] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:27:36 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:36 executing program 2:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x40}, 0x0, 0xffffffffffffffff, r0, 0x0)
ppoll(&(0x7f0000000b00)=[{}], 0x47, &(0x7f0000000b80)={0x0, 0x3938700}, 0x0, 0x0)

04:27:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')

04:27:36 executing program 5:
openat(0xffffffffffffff9c, 0x0, 0x639d1876ab868171, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000000300)=""/231)
accept$unix(0xffffffffffffffff, &(0x7f0000000140)=@abs, 0xfffffffffffffffc)
ftruncate(0xffffffffffffffff, 0xffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x62)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
preadv(r2, &(0x7f0000000440)=[{&(0x7f00000002c0)=""/77, 0x4d}, {&(0x7f0000000240)=""/103, 0x67}, {&(0x7f00000004c0)=""/149, 0x95}], 0x3, 0x2, 0x1)
fallocate(r1, 0x0, 0x0, 0x8800000)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
r3 = fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xcfb2}, 0x4c20, 0x0, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat(r3, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x4000, @fd_index=0x8, 0xffff, 0xc74a, 0x1f, 0x18, 0x0, {0x1, r5}}, 0x7)
sendfile(r0, r4, 0x0, 0x100000001)

04:27:36 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:36 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

04:27:36 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:36 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1263.471886] FAULT_INJECTION: forcing a failure.
[ 1263.471886] name failslab, interval 1, probability 0, space 0, times 0
[ 1263.473404] CPU: 0 PID: 8425 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1263.474097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1263.474938] Call Trace:
[ 1263.475216]  dump_stack+0x107/0x167
[ 1263.475592]  should_fail.cold+0x5/0xa
[ 1263.475982]  ? create_object.isra.0+0x3a/0xa20
[ 1263.476451]  should_failslab+0x5/0x20
[ 1263.476844]  kmem_cache_alloc+0x5b/0x310
[ 1263.477269]  ? mark_held_locks+0x9e/0xe0
[ 1263.477693]  create_object.isra.0+0x3a/0xa20
[ 1263.478147]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1263.478688]  kmem_cache_alloc_bulk+0x168/0x320
[ 1263.479314]  io_submit_sqes+0x6f76/0x85c0
[ 1263.479770]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.480427]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.480931]  ? lock_downgrade+0x6d0/0x6d0
[ 1263.481476]  ? find_held_lock+0x2c/0x110
[ 1263.481907]  ? io_submit_sqes+0x85c0/0x85c0
[ 1263.482482]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1263.483130]  ? wait_for_completion_io+0x270/0x270
[ 1263.483762]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1263.484371]  ? vfs_write+0x354/0xa70
[ 1263.484860]  ? fput_many+0x2f/0x1a0
[ 1263.485337]  ? ksys_write+0x1a9/0x260
[ 1263.485834]  ? __ia32_sys_read+0xb0/0xb0
[ 1263.486368]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1263.487062]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1263.487614]  do_syscall_64+0x33/0x40
[ 1263.487993]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1263.488516] RIP: 0033:0x7f79e8f8cb19
[ 1263.488903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1263.490776] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1263.491554] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1263.492283] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1263.493013] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.493741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1263.494471] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:27:36 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

04:27:36 executing program 2:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

04:27:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r4], 0x1}, 0x58)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000}, 0x0, 0xfffffffffffffffc, 0x4}, r4, 0xf, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:36 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1263.608705] FAULT_INJECTION: forcing a failure.
[ 1263.608705] name failslab, interval 1, probability 0, space 0, times 0
[ 1263.611422] CPU: 1 PID: 8437 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1263.612824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1263.614508] Call Trace:
[ 1263.615063]  dump_stack+0x107/0x167
[ 1263.615811]  should_fail.cold+0x5/0xa
[ 1263.616594]  ? create_object.isra.0+0x3a/0xa20
[ 1263.617531]  should_failslab+0x5/0x20
[ 1263.618311]  kmem_cache_alloc+0x5b/0x310
[ 1263.619149]  ? mark_held_locks+0x9e/0xe0
[ 1263.619969]  create_object.isra.0+0x3a/0xa20
[ 1263.620860]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1263.621891]  kmem_cache_alloc_bulk+0x168/0x320
[ 1263.622846]  io_submit_sqes+0x6f76/0x85c0
[ 1263.623711]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.624712]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.625686]  ? lock_downgrade+0x6d0/0x6d0
[ 1263.626520]  ? find_held_lock+0x2c/0x110
[ 1263.627351]  ? io_submit_sqes+0x85c0/0x85c0
[ 1263.628232]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1263.629211]  ? wait_for_completion_io+0x270/0x270
[ 1263.630186]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1263.631141]  ? vfs_write+0x354/0xa70
[ 1263.631895]  ? fput_many+0x2f/0x1a0
[ 1263.632629]  ? ksys_write+0x1a9/0x260
[ 1263.633398]  ? __ia32_sys_read+0xb0/0xb0
[ 1263.634221]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1263.635283]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1263.636330]  do_syscall_64+0x33/0x40
[ 1263.637079]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1263.638112] RIP: 0033:0x7f06e6057b19
[ 1263.638867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1263.642577] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1263.644128] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1263.645557] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1263.647009] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.648443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1263.649884] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:27:36 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:36 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

04:27:36 executing program 1:
syz_emit_ethernet(0xb6, &(0x7f0000000180)=ANY=[@ANYBLOB="018002000000aaaaaaaaaa0286dd600020010000000000000000000000000000ff0200000000000000000000000000013205000000000000c204"], 0x0)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x2}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000040)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xe, 0x1, {0x0, r5}}, 0x9)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:36 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:36 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:36 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r6 = getpgrp(0xffffffffffffffff)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xfc, 0x0, 0x4, 0xff, 0x0, 0x3, 0x40, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0x6, 0x47d0}, 0xc80, 0x2, 0x9, 0x0, 0x8, 0x2, 0x0, 0x0, 0x8cb, 0x0, 0x8001}, r6, 0x10, r4, 0x3)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1263.796110] FAULT_INJECTION: forcing a failure.
[ 1263.796110] name failslab, interval 1, probability 0, space 0, times 0
[ 1263.799101] CPU: 1 PID: 8453 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1263.800486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1263.802170] Call Trace:
[ 1263.802714]  dump_stack+0x107/0x167
[ 1263.803460]  should_fail.cold+0x5/0xa
[ 1263.804237]  ? create_object.isra.0+0x3a/0xa20
[ 1263.805167]  should_failslab+0x5/0x20
[ 1263.805967]  kmem_cache_alloc+0x5b/0x310
[ 1263.806910]  ? find_held_lock+0x2c/0x110
[ 1263.807733]  create_object.isra.0+0x3a/0xa20
[ 1263.808627]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1263.809728]  __kmalloc_node+0x1ae/0x420
[ 1263.810691]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1263.811757]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1263.812773]  kmem_cache_alloc_bulk+0x182/0x320
[ 1263.813721]  io_submit_sqes+0x6f76/0x85c0
[ 1263.814596]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.815633]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1263.816610]  ? lock_downgrade+0x6d0/0x6d0
[ 1263.817449]  ? find_held_lock+0x2c/0x110
[ 1263.818275]  ? io_submit_sqes+0x85c0/0x85c0
[ 1263.819171]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1263.820155]  ? wait_for_completion_io+0x270/0x270
[ 1263.821150]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1263.822076]  ? vfs_write+0x354/0xa70
[ 1263.822834]  ? fput_many+0x2f/0x1a0
[ 1263.823572]  ? ksys_write+0x1a9/0x260
[ 1263.824350]  ? __ia32_sys_read+0xb0/0xb0
[ 1263.825174]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1263.826230]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1263.827284]  do_syscall_64+0x33/0x40
[ 1263.828037]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1263.829079] RIP: 0033:0x7f79e8f8cb19
[ 1263.829834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1263.833563] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1263.835127] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1263.836564] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1263.837994] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.839435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1263.840885] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:27:36 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:50 executing program 1:
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040))
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x4924}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4863e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:50 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x5a35, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x10003}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
ftruncate(0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb052)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0xd}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r3 = memfd_create(&(0x7f0000000040)='.\\\x88,\x00', 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:27:50 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

04:27:50 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:27:50 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:27:50 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

04:27:50 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:27:50 executing program 2:
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={0x401, 0x0, 0x3})
syz_mount_image$tmpfs(&(0x7f0000000440), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={[], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]})

[ 1277.320740] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev tmpfs, type tmpfs) errno=-22
[ 1277.380812] FAULT_INJECTION: forcing a failure.
[ 1277.380812] name failslab, interval 1, probability 0, space 0, times 0
[ 1277.383527] CPU: 1 PID: 8482 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1277.384933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1277.386637] Call Trace:
[ 1277.387198]  dump_stack+0x107/0x167
[ 1277.387951]  should_fail.cold+0x5/0xa
[ 1277.388739]  ? create_object.isra.0+0x3a/0xa20
[ 1277.389683]  should_failslab+0x5/0x20
[ 1277.390463]  kmem_cache_alloc+0x5b/0x310
[ 1277.391321]  ? mark_held_locks+0x9e/0xe0
[ 1277.392162]  create_object.isra.0+0x3a/0xa20
[ 1277.393063]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1277.394113]  kmem_cache_alloc_bulk+0x168/0x320
[ 1277.394788] FAULT_INJECTION: forcing a failure.
[ 1277.394788] name failslab, interval 1, probability 0, space 0, times 0
[ 1277.395077]  io_submit_sqes+0x6f76/0x85c0
[ 1277.398372]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1277.399403]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1277.400382]  ? lock_downgrade+0x6d0/0x6d0
[ 1277.401227]  ? find_held_lock+0x2c/0x110
[ 1277.402067]  ? io_submit_sqes+0x85c0/0x85c0
[ 1277.402974]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1277.403979]  ? wait_for_completion_io+0x270/0x270
[ 1277.404966]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1277.405913]  ? vfs_write+0x354/0xa70
[ 1277.406691]  ? fput_many+0x2f/0x1a0
[ 1277.407458]  ? ksys_write+0x1a9/0x260
[ 1277.408262]  ? __ia32_sys_read+0xb0/0xb0
[ 1277.409182]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1277.410311]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1277.411464]  do_syscall_64+0x33/0x40
[ 1277.412361]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1277.413554] RIP: 0033:0x7f79e8f8cb19
[ 1277.414385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1277.418437] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1277.420129] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1277.421698] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1277.423267] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1277.424843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1277.426455] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1277.428170] CPU: 0 PID: 8485 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1277.429708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1277.431577] Call Trace:
[ 1277.432167]  dump_stack+0x107/0x167
[ 1277.432986]  should_fail.cold+0x5/0xa
[ 1277.433825]  ? create_object.isra.0+0x3a/0xa20
[ 1277.434859]  should_failslab+0x5/0x20
[ 1277.435695]  kmem_cache_alloc+0x5b/0x310
[ 1277.436605]  create_object.isra.0+0x3a/0xa20
[ 1277.437584]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1277.438671]  kmem_cache_alloc_bulk+0x168/0x320
[ 1277.439721]  io_submit_sqes+0x6f76/0x85c0
[ 1277.440702]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1277.441804]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1277.442899]  ? lock_downgrade+0x6d0/0x6d0
[ 1277.443826]  ? find_held_lock+0x2c/0x110
[ 1277.444737]  ? io_submit_sqes+0x85c0/0x85c0
[ 1277.445708]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1277.446799]  ? wait_for_completion_io+0x270/0x270
[ 1277.447917]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1277.448960]  ? vfs_write+0x354/0xa70
[ 1277.449804]  ? fput_many+0x2f/0x1a0
[ 1277.450617]  ? ksys_write+0x1a9/0x260
[ 1277.451479]  ? __ia32_sys_read+0xb0/0xb0
[ 1277.452390]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1277.453551]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1277.454622]  do_syscall_64+0x33/0x40
04:27:50 executing program 2:
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000005c0), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000100", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000400)=0x5)
recvmsg(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000880)=@rc={0x1f, @none}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000940)=""/149, 0x95}], 0x1}, 0x2)
syz_open_procfs(0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000340)=""/70, 0x46, 0xfffffffffffffff8)
r1 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0x3a, [0x30, 0x30, 0x32, 0x39, 0x0, 0x38, 0x36, 0x2c, 0x34, 0x38]}}}}]})
mknodat$loop(r1, &(0x7f0000000240)='./mnt\x00', 0x0, 0x1)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, 0x0)
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000a00)=""/236, 0xec}, {&(0x7f0000000b00)=""/231, 0xe7}, {&(0x7f00000007c0)=""/150, 0x96}], 0x3, 0xcae, 0x0)
mount$9p_unix(&(0x7f0000000300)='./file0\x00', &(0x7f0000000440)='./mnt\x00', &(0x7f0000000480), 0x115549713482a633, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=unix,rootcontext=system_u,smackfsroot=prefer,fsmagic=0x0000000000000004,uid<', @ANYRESDEC, @ANYBLOB=',dont_measure,fowner>', @ANYRESDEC=r2, @ANYRESHEX=r2])
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000005080)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="3bfd69fb318e705ee6f7be1142661f212dd5733e690b44491459c1a03d37dce957378a0d4e1191ebdc"], 0x18}}], 0x1, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/fib_trie\x00')
preadv(r4, &(0x7f0000000580)=[{&(0x7f0000001380)=""/213, 0xd5}, {&(0x7f0000000600)=""/209, 0xd1}, {&(0x7f00000001c0)=""/89, 0x59}], 0x3, 0x5545, 0x0)
open$dir(&(0x7f0000000180)='./file0\x00', 0x442000, 0x20)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000000))

[ 1277.455426]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1277.456660] RIP: 0033:0x7f06e6057b19
[ 1277.457434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1277.461203] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1277.462789] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1277.464304] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1277.465779] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1277.467268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1277.468764] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1277.546372] tmpfs: Bad value for 'mpol'
[ 1277.577006] tmpfs: Bad value for 'mpol'
04:28:06 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x5a35, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x10003}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
ftruncate(0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb052)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0xd}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r3 = memfd_create(&(0x7f0000000040)='.\\\x88,\x00', 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:06 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x1225, &(0x7f00000001c0)={0x0, 0xd5b3, 0x2, 0x0, 0x1db, 0x0, r3}, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000240))
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_mount_image$iso9660(&(0x7f0000000300), &(0x7f0000001800)='./file0\x00', 0x6, 0x5, &(0x7f0000001ac0)=[{&(0x7f0000001e00)="44e4e228e8a011d272c294460fd2eaa112812b533ffa59e34eaf9f7542fee7f3939f01b0b2e33e533bf4c92522d10d081128f1c83599823cb3b2c221856fe504e0da802ab2cc99e88248f869229eacb90c2824ae687f8b4e7847e37e889c7efe5a26f1c3473a3f0c5bd302b4f87d2c69aa3adcc733bf7fc1099e8f670f5b80a5df452b4c5a98e1e50e44b0b32dfb52d051a62ed3ce1b3d8059a0c4b67f6c30713b5ae144b7a5ffa0c1aa3382bb22627833193be94ea4d844301a07064d972b4afe595a43ef342df43479256b92e8620c823e88640423e9837062cafb812ae73020fd986168afde458388b89a246234430493ef3dce4377f472c5ba1144f636a659686c083c7c1967c5f4ffe80ce29e1fde56df421a66bb3a170cc2b3c866cb0f842afdf439883fe2735cedc9e894a49aa835a9407fa693b19712fe8d89723d91c7f79a4979eed90b5cde08c57013938bf2f953f6b85f8508a268890f7a46a975e40f21edcc2724c0371e4c31f1122203e50a31f5222d5be399ad8f3ab568bc6ed4e63ca351969e44ba5af385320e4bdcc3a6982dc15cf045828de928629c1b8e810b8d57424285f0596d8ac375ac239737a90d49d7dbe5d69b8b615c673a72166c907fa22bed0a7c2c685a669e0cb967f0ffd12c0f4f4a49cc6d9451ae6522338f6cad02fe267925ee104d258729c17a21f6fa101e752e49b37ea38532e573f269ec30f58c6e8808da17ed071b6b33e68da33da3e908406c1adacf972cfe1adc2ab1ff1044319cce1f350a5660d770b01e47cc6721073c98d733b689c5e91f281c19ef45540ff6836d33062f8d2f2c2e195a6ce58987a38497643e2cfe826cd870d4213b96c932f7cb37af98e264e8bcf60f6261e8260a7370d6948f2fd805b6a3e7bae4d9618196d763d2b20bc371cd97c5ae723dd4d351f77d7b78f417122bb643d04afa5a44738e7af60bc70e5627b6a6baf6d7cd91fe383deb1360f3aa7ebd296c548317e841aa9d405ad993a41d504957b262aaae141bbccf69c21fb198ad1b4c2bc5f034588e7c20c14c013573dabd3f7c1d3ca7d2c6b2c7cd92b79bfdd5033bb2b61e15eff3e6015ea8945da60ba4d67e9a64b3b922e11d3a9e47b5323fe7e72dd816fd75e63f46627f8f0a9d1ab31603332eb40c30e9308c80480890aeb7a83517004dbf218fcedaebf92d24bb0c56bd89cc04684827454b25c3d685968562a862a2ef6979964d4a0f9da24b2e4f173ca252044a048deb77feae746ce6f4049be927097ecf5e9f7c23d473adeb4c27398b6c1319a9d6f15c24485438c5310f276117e02f2f0042eb8c88a305240a3a88aa7f63e7db1789715271833a36d894861dfc8ec81d846edc2582f79089ef1e8f81defa82ee39d7f5c2950278038deda84900ef696e0e4201780dfb753f45490e88b536b6e677a5835e678fb77f671582bfa32c003f51753c79b54fd2a6e24c138d9cf4b07a554369991baac9368b47016ba5e1df217d48bc4758afa6321013f77c235fc9e27b90f5c7a1c29909c7b5152aac53a21d7e0fb7b642c22a87a9c8c7aa4549003ec41500c05eec9610eb02e32c11d4de80352f60b658aa6329d3284bb1a20f0944482d7a482979ccfc2d5f5b6d3e20237f0fe34b4f6e5f93b4b35c25a226c0e0b185e7656643fc90c7db917c4981ef804cb0057e8b51776e92311798af049b77946e2c406ef96013da4646d052dc772e1f8aaf6cd53a2e7a4a983a7cac286ffe9fb1139eb42b389a7743d3f8f00275d2e5c1ebe2b83363993eb1ff2a7d1d52e6e6ea8736198a39b2b90f904368cc29c530dc836d91b48f465e395eec4f50a1643e2b64d53024330cfb1337cf2a76dd9f4ebaaf1cfd3e38fb138e3ea9ac19b9fc9cf1e70bdbf9f15cc27f3cd9e7b07ced46033cddf6fd159d574944d351d17f1954e44ba16f513f982dc25b7fe5c0343de74023bd951d05f73be7699d48dfcbf7c09d70cea86c8be94a11000161ae18f6488aaaad0a53c6937f13319389214b510caf9b649357ff0d4b5ce87325f0e5e16f8060d35f9467b79c1e991a484dea38a891fb2a4262d70df3f5da793b9e6d150de2b83cdd10448e63f182e82256267bbb0a02ae1a4aa6156f4e3423a4b5a63f5c3e2e367227d924e79f7d5f65031b1ea8d61d102b0d6c28ca4ed960415d4d82e629d613bfbc905ebcf3983ac3ccb404dcba4dd5df15efc61ff2c07be8de19bee9ac078a5828b4bcfc1aa2b8ae24f8cbd825b072b2ffb63c88003687aa9c82280adef25f18d76e30a20b8dc48f1e676265eb869b4486b494046dcb03767ed2bf6aca21c556be24e67b7ad5e91bda71af932aa9bcd940e73b8282e8d54229bfed74095ab7265812bdf95e087d24c178fb71d880714eccedd05b35285b40ddc369cf1b6751a6568187b7132493b96ff024a6848021314b2b78a39f01c52c1d2c6a6ed7f2b283ecc501e11c408b1c4ba7b15d3b5d016557dc41bcc34cf0264279a68a9f56521c7ade5bc8cb73d749649658c444a4957a6fb7a0ff791bc7e0548468cfad55a962a27cff5ae1e68865ddd4e2f01369440d20d06aa403c3eb173afbd48f8c2723100d8f395f596f6da357ddb870fc4bbbb591c32c00d01293bb23f7de8dc40869a61598f5ee882ab3a5fc82691391150cea52892740324ff691b8e3973ee9591850d4cd13cd62591b5317e310eacfa052e98acb1ff9b24a0060f879bf6a4247a6fb123bfac9c02c95effc255cde5b1436b017b4d43c3638f02da0afbefeaeb6766f636944199f08792dc0f6184e1bbcd6a3e6efaf4a13920953edadd864c942163e3642665f0c3c49a5f715ed08dea59b1e0ed61012e21da23a3441f03c07e867542cea5c54ed56d611729486552603e9aa1c8829b7b13e99c72f4605d825170329e12654be98936415cb8d2cfacbd7970b39b06ff4345a2127d3f2e2c5a94f475552af335c27ebe5423db5b7de923a426eb722fe87937d13224a963af79e33bee38eb6aacb7e2f7797d7429fb4aad53377123e6343c7e96c11f27f6992eaa5d4c87ab0461ad96d12c246bdc0528cbf382d3f9aec058ede41fa6dd5ccbdf259f87a9e47c73a9c6bf82458c452e51bb5f9a6b24ec4fa0048d6317125303ad1bb2d0d1e4856e0cafac70e940214aa8549fafc24f86eb1e5a27ef7ff7f61e36fe01395c7cc6a2a1ffcade4c49d40020e861b562672c5e948e27e7265e489f76296cbf331cbcf6f1b5f4163b22fb3c9bc79373442fc45927c4896b3d5db63a2bd78aa402ca33f3cdb44f709b853ec8a5946494f545ac9f3bf5ec0824135fb03ed7d5b84d13b918c35c0776ccf854f1d22abb59e32936bf6a8171228bce4405634e557bc4c12ebc9fb6ac778b8a25b7e9b34ad2d9b2fb523e74510cc1b40124c095437d6f31198452a504f49e5d56f7cfc2fb3f599e45549ddc4844cbd1a4c4d79afcf46bd78f94675fb8299d72546c908ae0f8a3ecb47974c30261b1c365116ed845b0f3ea73c4d25b4edd3b4db39c24fdda57f964688892fc08c7ff22c41fe039d99cfca37c6d10b01f696da106a3083c2ca9e60e7c61d741f5ca65d84078349b4812d92213c8615ded17b98c1c3e50b9946e3a8050806a70b8de212702e617f33e99b9d8616e49af67556aaee297f5f941b902fdbee52cfe598e5b690b8b5cc6f858092bbbad6300904b8972f3ddaa9899c695ae24e74a9d7faabaebfc157068a00e1898fe8584d7f2984bc4239675a1e8f744475ca9c089532f7bebe7b81959f5e8f53f0ed4eb74c5adb59483add24a16070866306cca04c78223bc79a19cb448405a4cd407c35c307c20274f9df87bc1d8769bb008dc4881ecc30111ce5fcc6919e40e897c6c6c3c7fd5ebbebfceb21fc6d4da2eb043791c5e0531d6e236724a61f30dd6061f64283d23cb27ecebd3ccbd96ab73d54af4dfb646ca7cd5c8a7c3d69e5272163886c44b56aaf692238435a337c571b3cceec1043a0c8fb94a039a6652cffe6d2016e1a21e5271ab4ab79300d930c38fc8719ed75d60cd1995f7229e35c9a050d4f7dc95c82f692c63be8c6abf257a403b8af7c699d2126a070757ccd352a5169d3eb3baddb61887ed13dbe42dece2164a1e433fe6020e5f7df045fbb1883b2a6e1009eea4aaa48d5c8dfeeb3ea1de4adad77ce9c10554b285a7f2631ab18ef3b8d17b947a78be5bcc480e3b6980fc4e99447ebc3a643cb2ec4df786a995485fcf78b01d76f8b8fb819aaf32dcdf60c7e0cd690e33d7008f55022f7f07fe6e7155586daaab5c2996a521a193f0485263e267a8e40ec89fff87d8d82885263fdb24f32e6d289b270d50a9a077b342dbf6d93ae8860ecbcc656a7935299dbb9a441f0bcc0c41ed98a4b7245b93dabb48815928dee0c4e26251e514549fa4459de44fd7eafc885413c555c2a1089ca22b87a2dac2327e18a79dc7bbd1658cc2eddbae1892a152b60063239b65925d33d30f97560cd4e1d09c307b1bad95cc9f5b3bb5b163bdded8a9f448bfb948f9706d6818b79e6557a036015444d5f816ea4f414b7b22f65cc4e2ff5b1f7e98113fa8c991387c2670669e3eb47c4626c4580681169bdcca806e0aa254c5354bcdf64f18e912a82bf95eb0d2558783a471ebb45c3ca67b1ea2b784d2c97b0937e5385b28761cda816724fdc65afd61fbe0c45025b012d3d91b5e56987b49b15eb4352f1c23b6eff16e3a6976d9c9c384764cbf385315bace61cd7b8b178a401a03bc6bddcd3b69c13e28cfdf2701865e91a0c167e5715602abfccf4e35a1c1fb3b181ae8e91f8e21b6f529dc7d19993f6b1eb8540e672618ed74aadb220d6f092b0e86baca7f1cccbdd27f5a76be01c8524b91032678f82b27538bd6f81e1c76c6802f13ad4498b11e9be23ffb6b5def02a9d1425ff55d5694c0dc99bfd0bf952d813a8acc3331ccc86f3ef9f6a2ec41eab656360844e349dc98ee8b4290506403a67e509f59cbc2dc8ebd78a29ac0f6d40920ad28f3014cd6adec0d505462b24650269f33b9803c23f77a1a8acbde23f9643c03f9e1b1450a2570ca0e6928db8ced02f96a3edf1e3d581142d672d05af40c94ee94d3c456ea2735eb01790ca063e7049ff5cc13eea5624cd09d46f94808622dc1362ae6151d67cf74f0d8a58696e414b3cf9e6564cb4bec57271dca57117af34fec078ca6bcde028a861d914c723705819ef6ed34d4a9da15546736fcb4b552a5c6868b6eba5687267ed251dc839adcfa3bf569cd0d99b560fb5cadb0cc64746eeb98411105226147f29c73fa813e21742d1227db7f3c5ea45581363c680b6ce8936ed48472d8d252856c354975cdc5ed8c1529c52a78d959a6e0261d035ee22401f307aa9b7682f6385bd3ba6731614964b75858ed1caf3052364c79ac9591720a56bfed0106f6c539f953ff53922dcd3c760821aba8543536548fed33936e298537095f7c480a66181bceae5133157e013d0fcda59b099b62951d8e8c1843414660eac6963a45164ba68ede70639a93ee00bc4d4a1b3e1a6252d4864af719c4c6a37780c321d467a0e87c8e8c308716f6cbf8eae12654dc4449a21789317f68a749b55ef25024f19f94813ab920931fd12047c9878a25be380520e37d44f2b26b91f805b9dce7fb12cd47d8d8e74d5d7e79b9f8163f0ede619bdbef0939923fdb533b05401a1780a1b49a614afec62757b03b9266e23349109734878516c0ec6684405118b65fc167b366fcad22728f789ab426368da68e61964ae6643883c13ec21ded19c9a66f1101db6a0ad7106", 0x1000, 0x4}, {&(0x7f0000001840)="0fd78163b4ea5a9d836122fcfe4ca8a2396d596c89393a1e40d835109d5ee39c0ad00d90292a781d03e710279e66b91a859efd54763deb2a776fad6ad0ebe0044cfd229ca7842bc7794859f45b672cae54c738b2e51735de07403a5b1a4d8e464aada8143609b212f1bfacb12e3122701664550ea05fe9dd16534bb386ac14f30c23898dc99acd6f1c93ab745653146ff1686dd8bc7d781f8c250d106c34196341f18ed145953cc272954fb2076d618c984fbf2d85e161ecb3126c8881faf1a3f6be7e8a15f269da48cbde31ef5e8fe18a21b6263b82252010ce1c0514dfade175b2e0574235121816e17b9bbc958a7c5a91ae580cc2485acb0d3569d8d297", 0xff, 0x1}, {&(0x7f0000001940)="577bfb3dc89c096612e928669ad5fb10c7b97644b4be4ea6d93e3ca86fbb3cbe275c5f6008afb954c712ff908e49379d418cb44e5c96b6", 0x37, 0x8}, {&(0x7f0000001980)="ee4097024b1ddbab3be15b4d57ec936192e1a7089a40a9dc0f15ed6f01b91037861e4d18775bb0d053dfcd34a8cc6992f9493a0af3048fa88c88e1bb273fb62df762e31df17d62f81ce9506557c68b7775cfd377adfd9e7048f806f6151795b63d6bee156cf75c851c9f5160de4f7856ba099dad32de54de6119d2ae51dde9e0a618f8587627aec178a6fd40bdef069236a8fb9ad75bd05aca6701eac40b74c55e10d25147c9ee9d60b2ad2d93a2865ee5d0aae7f0fd7d1b1d20857762734f6c48a05c6b58", 0xc5, 0x6}, {&(0x7f0000001a80)="91fb08ab889323baf1774182c3778947", 0x10}], 0x1000, &(0x7f0000001b40)={[{@map_acorn}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@check_relaxed}, {@sbsector={'sbsector', 0x3d, 0x6}}, {@hide}, {@nocompress}, {}, {@cruft}, {@check_strict}, {@block={'block', 0x3d, 0x800}}], [{@context={'context', 0x3d, 'root'}}, {@smackfsdef={'smackfsdef', 0x3d, '9p\x00'}}, {@fowner_lt={'fowner<', 0xffffffffffffffff}}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f00000017c0)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r6, 0x0, &(0x7f0000001780)={&(0x7f0000000280)=@caif=@rfm={0x25, 0x7d2, "ea36cc9dc1eef49fb7e293a705696b48"}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000300)}, {&(0x7f0000000340)="bdc35124bc7506a7cdf45ee8875cd7d10703b2af7220dc131025b28b5baf75f34d6412be91a1976c231b1df96e24c171f03fbf6d942268eac2877b9910c18ec23e810f7bec13c2fead4b688282674a86953d7db67c8bf722e79d43b06b93214e67cced3d66f5bc663bcf61c369b9b73e1279434e60ac8260b7ef2aeb4c832312b500bccae86982bd006a5a7cb67f958068", 0x91}], 0x2, &(0x7f0000000440)=[{0xe0, 0x114, 0x9, "237d67cf986901144a583bc25b0dd48a1fecf134f7470e1ea3441e99e8850bb1be6480a63db9730a79e0fac4c320fb2322064e752fbcc1afd349a69ffabf2cfb295bf3b3e992177f301b418b5aadd95b59e6b0b3e33537fc5773c9bb7553800ec60d9b0f03aca27cb3ec826eac4afe88509f6aacc430b80bdaf4d4511ee313d94b98f8753cfbcb4b89d41a071f7111d6383e9bb0bc08cfe5742c83a9f989a0e179a7f4d7f6f50a42f33079b3de9624ace29313c5b25f20b9d33fc7a665598e5bebf0a4e3ac02fb4a03fb09e8"}, {0x88, 0x10b, 0x6, "4e116df6518cdb949d00cbcc837961fb013e36e8aa39fd76865b0df18eec3129fc1d7598851735adbc7276643e2616e41eae2f816cfd6a245b319126d9d29c92383a2e246ea123dca9036629e4a00320a1a4b1553745fbf685e4cc76fc5f73090fa349f19cb020d3a3123516380f03751ceec13f7384936b"}, {0x18, 0x115, 0xfffffff8, "a67caaf5f75bf3"}, {0x1010, 0x102, 0x34c0ab78, "38400d2ce5055f67ffaf20407c72597a9085172850dc47be85c52baf315b8f1232a56c1d2fc69e82ebb33244f7e31b968ee35e53690e82c60bd2d25f635046ba789580308a877ffb5f758a29f374b1dfe1d63e9f5665e96fd52661a034268eedb5662df2f356931f22d75e1321bc73bc88f7dc741e778b351ae67e90116e8649b95f72bb0b43e6f51d6929f86f25d20d37151d4b729e681d3dbe1b22e4ee99b71507f80ca2bcdc937015d1161eafaed5b77d7ff9f2c7100288f4a06af4d0648c95614179a327ee63cd2304694461314879a9f68176b8295b7292614a5cf62cd65339939ed0e8b2f6221654d3898a780c38f91b9518b89a4ef840b84368d8b7ca817be05878916ef26c2f28b3525cc0505cf6a48dd322bfd27179901b043f92559db38b659d8099096d590ed24f2c1bbb0e5c005fd11959b6011cce73cf5291f4f2e7ca0e064c44b9c263469c1ad9a4c7c93ea21c408e34227713620d989fbeb0683175a84c1a95a17bb01a36f15309a2c601fe256730525e6bacac781a402e8493c1367724da805a1a8f1201390af7272a320667930239f1371199a2ab4dbbf6ba1aa8311125fe88d610fee2c94947281200f79df04fbed8de7311dbfe7f8830bedd36e5c6953f5e13f5ebf1f7cf64028d612dc5f20523efa1030caea242d8b7a3879a856ea7e12678e72be66191a4e949ca9ed1c4e7cdd1a55297c1d0f4aed33dc91ff468b44bd288276426e48cb461cde8a5c4f97cb210971e855ff84e524534286ca0ed462bcf75bb6b2ccb24123667d3c9c375a1f5b6f82f998256e297f1593ca520901efc4e1609c34b1dc449ece7592c6435eb9ad09d571cb9d75f84dc07d66b87219ff534d29753de80f1194f357f59c68493d91b67a75f4c9280653c47331f2eec06b23e119df0a35c35d7bc68f114a086a6a18c2decee765280c56fbcaa6290ee13fd9967c23a8c175d2d9ccdf8b9fe96fa95d4af37b132095736fd8e3ff3ebf4836ee1b03c863297723b10289b52545d52cb5a449185fc607d181e61001d3908d9fa4159cafb7bd3745010ccc1d30d24d7c51ee4930a10d4fb48b9f041d6408ea17b3de77668b5717fca6650bdc311bb78b6d3c7299158f6491949c30e6148ece7df7f349c87cac12a97ccee2baae35816a29e61d705c723f8fb6670fb719aac279718cc4c02220cceeed0ea74d1bed92a6cf58fce4c2b23d58ecb67c8b2a5f6a4de0600c50a6f1597b0e0d3ac643eaae17167ad62b2571d1347b702c0e5f7461d9d46747579ae78ad3c74994893f04746bcb45ae010bff5ed2acaa433ff1bedcb6063ef73890950f7478fae5ec7a31e233675acc9d0d22cd50d95ce43a005192c9c1184ca6ea38613fafdfe8d655b1b46e1d98d5cb5a173c6f7cfd25f13762fddace5e95793bf0757a443506767b13c42ca3253f26da7c98f6b0a2a75f2e43222609b2fe376d3591c245bbae7dfc68f4d7959b1f9516735f9af884487a289a7fbd7cac9b21a89285b4ba6abf1d4544d10d78183404b290c9ae13b5389b0198b3a3c1a868dbd6758c7e144300ecc36827af93c6a640ed316bba22c9909693a7325fcf51cf3f430b8d8375cb40c8dab21a9b47524862503be68dde5083f4c5185d5b0e722188e7e7c304aaf8acc845a983cd395760ef8d091109e95b03f69230e4495d2bd1d2b2e843fda1223d0983506879cfebb0c2c6068d4d34f6519e6e9421457080cffa850c44524421528092599f24703b8e4170024eb4f41311dbb5261cd84f2777d0012d64b825fc0e6ff9a1dd069dad2d8cee53fcdc760eeb3f856c439db31f58d7f8404f62c3903e37489dec8f60fd3e0167f2b9019b29baed2d449fe2e2a95372be9da710ad72496dc00db72561c5c4faf7a064179ada6c82adc2d4852304c7ebb1f9e5daaaefc2796d5f0505921ae909d9263a180d286074f5bd7fdb8e1b3d21a7f52e022f3ea5d1b25b229f9c41ead4ceb7ad122fa6b165579930129e811ac50e72e5534cc10b323a567277312be28e0b2777796baaafb6731823054a0e27931049e80e0890a82fd434e7b3924a009494f04130b41dad6758ed9e48e9cc3c67c42f719b4a7fcca5890cab37b046bbf57c5630cfc2703fa1f50433639bc7931938fad6060e88ac40e02981e81dfd3883df6ff01152793c002ed657d33594d5be11edc875c75bfb5561779fbae88fac560ac5a128cfb7ca4e98db57bd97bda42849c93258e18400109ee1a2bd7bc864bd89fafd140dc37370d0bdd88583f74ef0eb6d2ab84ca150e79661ff87ba523ba2685ae0a67d524ef0bc9f750ec89042564f7ae87fc3bba65cddea8515669da043a4f790269677a8de6c2218af4c27639377546c577cdec3f6aa38a6a82ac285cd65d8110908855c1ccaee0a442fa9f7c8f387959bbc7c97731e9ab7c6cbe05f04c47c041ad7a9274bd70684b705517953a01273b6fbf4e678297388d59b323e9c93aaad4febde7481bdd667a9b9e1dfa3ed3f6adbb87f48855b88c17ccafcb710124a04cf61127f3e81c472df03efdffb6c135d91339f72bf50875017bee6679bb4af2b0d7c28fa59e992bd103bb87a21525f17f55a12386c98280fd7e915ff142a888e267c036fb536bbb9f1d4f3a875dafea323100c336d12adb47622a1742d54e849a0c727e0d643ea0fb297133a33e2b7bdb436bb99879ea91ee5fbf6a1aa58f88c83a97e98d3917ddd77beca106ee14c083da8efd568dc23577a6501125b43db6c0721e96171c98ecdc9bce2be47c74ba2cbe8dafec96bcfe3ac5f18a3c0ef3dafa2b42ce19d209e6635d20901f6f9f28e23497d7ae99709a610f8f036480b4d34936dad5a4e1159861766b5f74d0f88fdfa00f700aee8305da8c5ac6feacb54b8d6865835bb9d7e8e0b8ae28fc76a0a581d501932536379780519148464ebad5401bed106dbaceec039e3fb5e2bcb363a758d38ce736684da7d66e7bdf687931eea7589c43d70cb9babaf8c3f280ef09e8cbf18444feec893d7ff1d7777d5db00059c4c0c52437a80ea1af86f960b2d5e110cb28d525de3a4f832437934f993d07d6c00fa2262e656b693a01eeb738b416e07a98f37b5442b493023779a59de5006011c60b616b4a8db61a4020dc87e93b8b882d107e3b906882be8851692a7f2201e27dbab58e0ceac3ca16ee34bc7ad635e5a89cf87b5b3dcc3825ca6fe8a2924aaf24be71bafa8e2386c93ad9c77a4b17221940486b801b0d9fc836d152082068f6d03db8cf2848d42cd75636250e065431ddb5446453559fbd9e754436e152fc687551969e8208d66926824876f644006a549204f25c46b7c1297f1c678761643f1ca8c59ce3e845f368b9b25f26ec759be0f1fc6324856a856ac417213cfff9f3e46d60451a797b7cf08e39b236c43a50f0b6cd993823fd072941435363ada49f71c66e51af3d0a0bc74cb9401892a9f946d825a62ce4fcc92b44963f1a1bd71676ec5e36f46004cd8a952990d01701234898353cb2adb8ce5c156e6021f5ae0996924e1e36b9d9b561c77ce506c38dba7bf6a5477c6caa2de5bb7dbc84b56d1f72e1b3d552d6296d3e13df2f6c7c204706b181a631a0df35ab7d788f88ed69ad3935d834481bea388344aa8c7ec6ad17e267f9b609ed395e69e549111f3949224aafbe2bc8b1752fdc0e156c1916e9d4160fc130009297dacea7371bc02c1ed60f35a89c53d2b11735fa77ac462870d5490b2bca7670430bf2146ffeec8e52f8f79ac8e444dc339281e065bca211008d191ba5f8c66b0bc4c23e480ef352b14abeaa84ba9dd663b2e9e6f4a7fabb803187a72fbbf886ac85ea30c6ea2fc0eb453d1de5de60e6ddbfbbac349f28e60d5c5b74d8e7737351db4407f2da9129dcc2e96ccfdd4b535d3ec8bdc8444232c1d6dfbb70886dbade1049b161b9ecdc839c5ca1250ab2e6a6ac1b9cf332d365300612ed36f689e5d961e7e4b1c430cc8de653671dcc34e8bb1f56880462cb137597bdb771699ccada738aec6f2aae7fa92bd298f506a1ccb84f4d9da2c4e7551ff1be422b196894e99bfa4bf7b7ff63c50e9287c9bbbf23196115a76fb166d74f381657a128b86171794d074c7fcdae1e411202da53124a9c1a62283a7d0440c02fae3cfe1c3ae399d208c516460f9f7976deafba28019cd531470bb53f53f3bc06ddc29ce00054988c32064d7c095ffa9dd94c4313a43e7a153f9d8fecd6a55bcc3739810964ca6b4784d3cd709f21daf2c9bcbaf261eff041697eba299ecb7acc78b7050701495a86800b112bf2e6d1329d4d0d20c678c5a55d02f27a4c96d6ca75824751efafafd1f0b2db0e4eaa7ca6f270242b568eb263f6117481dc32efd57f88a4cf79ecb71835c4e92657791d0b290cd6a823767f3c3a06d175ed3c3a242177df72724bf99d0acb5a277a557491d372177df0910227aed97b633420abcbbf142dfb5c9e59c5de8e37f79ed085896eef8ce944a29af5bef893cb467bc601a80bb8e3414ca905ffab3a5ab74e630bdf6c67c6cdb01376e01e32305df87390859fdfbaba9977a3d97e27756c72c9cb3c855ff0b3b26cce86a9b293a57a3444a80516ba83e74a6c2aae9b7b7a299e5266001ec6e6975dec27ea8f7082a0aff30d6eb4815e6cb3b380b28dae7b50153877fd71a2de65fc446d74b30ce6721758dacd0805a673feb0d523ec213a37dc13e85b60a837cc6f6b7e245103f45b06d71bcb58989fa769f76be9eb06aab8f4d9414e66f023d62a7fd6fd092b58184ffcc7999544620186c9ed9cc0be5271d896c54682925919f7153afdfd2d8caa5b877f0968a162caf3e90b609eab2fc107fe33dce062e417beaf4de3f0020b13674240df5829b31f1524e22d22424bf0a699999e125aaffa9bf6a3a27021afd73f224d0a86d05bb64b0ec1d7d63193220606174f5b9fded4fa8c4b482f8d4dbbaae023ddae1751252bbad5d3288042c4bb4746825929041f01ac95642ca0bc3b584c8e651c58a97f6966b23e309f0ffc168ea2c796b61d339efabe35f1e0a13856f3fb14de72f777f12e4abaf1bc6ce10ff1a51ee0ac4420883d4d650fc3c69504134c6a65c473a213f43e4b95f125ce4dd093d6bdb9878fe9d27625128ad125856d904656683a7e5daa8be728fb122a4bec4ad4ba5bbc28a7e4cbe0160d55283c4e190d97714108ebe8c7150b4bd808514ef7a435be2f152de9fa80e17bde1f978687d8ac594e9b2ff374360a477b281f914f17877b9f335c502bb4a2107e8514c711791084a5a997a6c1fdc9ea7624681294658777615ddefae83c3a0a513feec61a444bb73e3799d81a8340ce5ed24518d0afc7f3b9eb1beab2689e6efb09c56453ff659a75ae250157cfbee3ee1f4638b9f62bea09bdf54a85e46e8e97838c9c2d8282514f95d77879e5ab5e526b0493785a049224634578d8fd4e9736a125b7f6bcd863948e8cb2ece9e18aed65e86a136b304b5cd18f3adecebc1791d4c15a3f48571c263b42698503d38edae75dfc6a01e935cd36c2ca1f3ef40f6e2a8326ba52da61cebbd87d07b8015045313c25a979b6cf3db174690d191900a7dfdf6d19503cd466990d99d2e6868c33d2f8d8d4edc8d030791a06f07e626360cb25e62be45be97d26fd4aecec73f482561cda0e930b6a9e9dbed1a3bf2b5694d2abe81cfc07ea415547ea5a87e86acc583d21a3faa72fcefce7e6bc0a854be2c61585f728d87b12cf10fd17d5aae95fa2a25f026559159411a4c8a3c8f06ebb2d4294423fc687a155cbb7225b1502b09e89a3"}, {0xc0, 0x118, 0x4, "73f81afd4c2870277256b74f1e1a4b007d915bf1e86b3a4fe5dd83953a211718899dc646b177cf30c3dacbc63841780f6dcc14a8636322d6fe7550c536009f76e475c731da58104974e0acbf650d8511fa60f17e1b28449aff1e8157f825e2177cc8e64945898f0e3e2a7251a5b3b5a20a3fcef4b07344d70ac463506c83bee57158b1b840891f2a56024f8e24a6ed1979758dacb86fbae5401711240ac92a02f9c81dbea535e8a605"}, {0x38, 0x11, 0x0, "a38d51bb37006f3e426a3b02c68963dec4f95054f5cafeef5c1dc7520174015764"}, {0x80, 0x0, 0x2f, "736ab3d813eaffbf2cb766c66db26793243fd6facab728e47f4fb3f45c6667419f65a3e837405f98be223ba50178d2cb5f161cd7381a2c42d23ad183e96f799a21563b6ba0ea5b8ba89792f1d5fc78bd0c7e6a6dfb1acd97c011bd25e79d054fa04491e6a5274d0a273dafe64ad5"}, {0x20, 0x3a, 0xacd9, "d3a93101173612e41dfe"}], 0x1328}, 0x0, 0x40000, 0x1, {0x0, r8}}, 0x58e7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:06 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

04:28:06 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:28:06 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:06 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:06 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

04:28:06 executing program 2:
openat(0xffffffffffffff9c, 0x0, 0x639d1876ab868171, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x62)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f00000001c0)=""/85, 0x55}, {&(0x7f0000000140)=""/77, 0x4d}, {&(0x7f0000000240)=""/103, 0x67}, {0x0}, {&(0x7f0000000380)=""/168, 0xa8}], 0x5, 0x6, 0xfffffffe)
fallocate(r2, 0x0, 0x0, 0x8800000)
lseek(r1, 0x0, 0x3)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = dup2(r3, 0xffffffffffffffff)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f00000002c0)=0x401, 0x4)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x101}, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat(r5, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x40800, 0x84)
ioctl$FICLONE(r5, 0x40049409, r4)
ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f00000000c0))
sendfile(r0, r6, 0x0, 0x100000001)

[ 1293.293092] FAULT_INJECTION: forcing a failure.
[ 1293.293092] name failslab, interval 1, probability 0, space 0, times 0
[ 1293.296085] CPU: 1 PID: 8514 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1293.297488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1293.299198] Call Trace:
[ 1293.299753]  dump_stack+0x107/0x167
[ 1293.300509]  should_fail.cold+0x5/0xa
[ 1293.301307]  ? create_object.isra.0+0x3a/0xa20
[ 1293.302245]  should_failslab+0x5/0x20
[ 1293.303054]  kmem_cache_alloc+0x5b/0x310
[ 1293.303915]  ? mark_held_locks+0x9e/0xe0
[ 1293.304775]  create_object.isra.0+0x3a/0xa20
[ 1293.305678]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1293.306757]  kmem_cache_alloc_bulk+0x168/0x320
[ 1293.307746]  io_submit_sqes+0x6f76/0x85c0
[ 1293.308649]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.309667]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.310681]  ? lock_downgrade+0x6d0/0x6d0
[ 1293.311561]  ? find_held_lock+0x2c/0x110
[ 1293.312424]  ? io_submit_sqes+0x85c0/0x85c0
[ 1293.313337]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1293.314587]  ? wait_for_completion_io+0x270/0x270
[ 1293.315599]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1293.316618]  ? vfs_write+0x354/0xa70
[ 1293.317475]  ? fput_many+0x2f/0x1a0
[ 1293.318320]  ? ksys_write+0x1a9/0x260
[ 1293.319126]  ? __ia32_sys_read+0xb0/0xb0
[ 1293.319500] FAULT_INJECTION: forcing a failure.
[ 1293.319500] name failslab, interval 1, probability 0, space 0, times 0
[ 1293.319952]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1293.319980]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1293.324440]  do_syscall_64+0x33/0x40
[ 1293.325221]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1293.326245] RIP: 0033:0x7f06e6057b19
[ 1293.326978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1293.330673] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1293.332261] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1293.333770] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1293.335284] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.336783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1293.338220] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1293.339785] CPU: 0 PID: 8519 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1293.341271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1293.343064] Call Trace:
[ 1293.343636]  dump_stack+0x107/0x167
[ 1293.344444]  should_fail.cold+0x5/0xa
[ 1293.345271]  ? create_object.isra.0+0x3a/0xa20
[ 1293.346255]  should_failslab+0x5/0x20
[ 1293.347066]  kmem_cache_alloc+0x5b/0x310
[ 1293.347930]  ? mark_held_locks+0x9e/0xe0
[ 1293.348797]  create_object.isra.0+0x3a/0xa20
[ 1293.349733]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1293.350799]  kmem_cache_alloc_bulk+0x168/0x320
[ 1293.351786]  io_submit_sqes+0x6f76/0x85c0
[ 1293.352694]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.353745]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.354762]  ? lock_downgrade+0x6d0/0x6d0
[ 1293.355653]  ? io_submit_sqes+0x85c0/0x85c0
[ 1293.356584]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1293.357593]  ? wait_for_completion_io+0x270/0x270
[ 1293.358623]  ? ksys_write+0x181/0x260
[ 1293.359431]  ? ksys_write+0x212/0x260
[ 1293.360246]  ? fput_many+0x2f/0x1a0
[ 1293.361006]  ? ksys_write+0x1a9/0x260
[ 1293.361811]  ? __ia32_sys_read+0xb0/0xb0
[ 1293.362665]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1293.363783]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1293.364883]  do_syscall_64+0x33/0x40
[ 1293.365678]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1293.366741] RIP: 0033:0x7f79e8f8cb19
[ 1293.367548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1293.371403] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1293.372984] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1293.374500] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1293.376009] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.377525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1293.379045] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:28:06 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:06 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:06 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

04:28:06 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, 0x0, 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1293.697458] FAULT_INJECTION: forcing a failure.
[ 1293.697458] name failslab, interval 1, probability 0, space 0, times 0
[ 1293.700387] CPU: 1 PID: 8537 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1293.701765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1293.703436] Call Trace:
[ 1293.703974]  dump_stack+0x107/0x167
[ 1293.704718]  should_fail.cold+0x5/0xa
[ 1293.705522]  ? create_object.isra.0+0x3a/0xa20
[ 1293.706459]  should_failslab+0x5/0x20
[ 1293.707260]  kmem_cache_alloc+0x5b/0x310
[ 1293.708106]  ? mark_held_locks+0x9e/0xe0
[ 1293.709000]  create_object.isra.0+0x3a/0xa20
[ 1293.709955]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1293.711045]  kmem_cache_alloc_bulk+0x168/0x320
[ 1293.712001]  io_submit_sqes+0x6f76/0x85c0
[ 1293.712916]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.713926]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1293.714904]  ? lock_downgrade+0x6d0/0x6d0
[ 1293.715758]  ? find_held_lock+0x2c/0x110
[ 1293.716621]  ? io_submit_sqes+0x85c0/0x85c0
[ 1293.717554]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1293.718533]  ? wait_for_completion_io+0x270/0x270
[ 1293.719546]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1293.720497]  ? vfs_write+0x354/0xa70
[ 1293.721297]  ? fput_many+0x2f/0x1a0
[ 1293.722093]  ? ksys_write+0x1a9/0x260
[ 1293.722870]  ? __ia32_sys_read+0xb0/0xb0
[ 1293.723708]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1293.724783]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1293.725841]  do_syscall_64+0x33/0x40
[ 1293.726596]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1293.727654] RIP: 0033:0x7f06e6057b19
[ 1293.728402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1293.732185] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1293.733758] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1293.735301] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1293.736793] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.738286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1293.739748] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:28:06 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:06 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x19, &(0x7f0000000040)=0x81, 0x4)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x13, r3, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)}, 0x6)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:06 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

04:28:06 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1294.011056] FAULT_INJECTION: forcing a failure.
[ 1294.011056] name failslab, interval 1, probability 0, space 0, times 0
[ 1294.013715] CPU: 0 PID: 8549 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1294.015167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1294.016930] Call Trace:
[ 1294.017501]  dump_stack+0x107/0x167
[ 1294.018276]  should_fail.cold+0x5/0xa
[ 1294.019074]  ? create_object.isra.0+0x3a/0xa20
[ 1294.020014]  should_failslab+0x5/0x20
[ 1294.020801]  kmem_cache_alloc+0x5b/0x310
[ 1294.021668]  ? mark_held_locks+0x9e/0xe0
[ 1294.022523]  create_object.isra.0+0x3a/0xa20
[ 1294.023492]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1294.024575]  kmem_cache_alloc_bulk+0x168/0x320
[ 1294.025541]  io_submit_sqes+0x6f76/0x85c0
[ 1294.026454]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1294.027508]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1294.028541]  ? lock_downgrade+0x6d0/0x6d0
[ 1294.029429]  ? find_held_lock+0x2c/0x110
[ 1294.030314]  ? io_submit_sqes+0x85c0/0x85c0
[ 1294.031247]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1294.032274]  ? wait_for_completion_io+0x270/0x270
[ 1294.033333]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1294.034327]  ? vfs_write+0x354/0xa70
[ 1294.035120]  ? fput_many+0x2f/0x1a0
[ 1294.035884]  ? ksys_write+0x1a9/0x260
[ 1294.036693]  ? __ia32_sys_read+0xb0/0xb0
[ 1294.037546]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1294.038655]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1294.039752]  do_syscall_64+0x33/0x40
[ 1294.040543]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1294.041616] RIP: 0033:0x7f79e8f8cb19
[ 1294.042428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1294.046378] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1294.048008] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1294.049546] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1294.051079] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1294.052654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1294.054227] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:28:20 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0x13, r3, 0x0)
syz_io_uring_complete(r4)
r5 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r6=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r5], 0x1}, 0x58)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r7}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r6, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r7}}, 0xae8b)
syz_io_uring_submit(r4, r2, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x1)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r8, 0x0, 0x0}, 0x2)
r9 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r9], 0x1}, 0x58)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xff, 0x0, 0x0, 0x0, 0x0, 0x100000000005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x9}, 0x0, 0x40000000, 0x100000}, r9, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r10, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:20 executing program 2:
r0 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x8914, &(0x7f00000001c0)={'sit0\x00', {0x2, 0x0, @empty}})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000003f007aef536249ae96bdfeb4b61631a9c7e0b2803efa91680108de640ca203b95cb01f11736154d3c5f7d87e4ce75ceed6046ecdf5966c4dd6dc5c6c252bfdf54541259f4176f784e9598099d4ed7c84238e442ee6fa0de9a19f6ac0ebc67801164f2064d189a0240457f52eb8ce836303349c6923b60650a775c2fc8b83b646a8ec58d55d3cb1e32dc8d2e7479a997c05fce660607dd09190ba71b6d87b201b96314d91dede5358d7488a1a5e279cc04b55474aa8e3"], 0x8)
setsockopt$inet6_opts(r1, 0x29, 0x37, 0x0, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000000))
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x121000, 0x0)
io_uring_setup(0x3fa6, &(0x7f00000001c0)={0x0, 0x4573, 0x2, 0x0, 0x37b, 0x0, r2})
socket$inet(0x2, 0xa, 0x0)

04:28:20 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

04:28:20 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, 0x0, 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:28:20 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:20 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:20 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

04:28:20 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x5a35, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x10003}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
ftruncate(0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb052)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0xd}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r3 = memfd_create(&(0x7f0000000040)='.\\\x88,\x00', 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1307.566699] FAULT_INJECTION: forcing a failure.
[ 1307.566699] name failslab, interval 1, probability 0, space 0, times 0
[ 1307.569391] CPU: 1 PID: 8562 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1307.570850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1307.572591] Call Trace:
[ 1307.573123]  dump_stack+0x107/0x167
[ 1307.573894]  should_fail.cold+0x5/0xa
[ 1307.574659]  ? create_object.isra.0+0x3a/0xa20
[ 1307.575612]  should_failslab+0x5/0x20
[ 1307.576373]  kmem_cache_alloc+0x5b/0x310
[ 1307.577209]  ? mark_held_locks+0x9e/0xe0
[ 1307.578030]  create_object.isra.0+0x3a/0xa20
[ 1307.578938]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1307.579964]  kmem_cache_alloc_bulk+0x168/0x320
[ 1307.580912]  io_submit_sqes+0x6f76/0x85c0
[ 1307.581785]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1307.582635] FAULT_INJECTION: forcing a failure.
[ 1307.582635] name failslab, interval 1, probability 0, space 0, times 0
[ 1307.582814]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1307.582840]  ? lock_downgrade+0x6d0/0x6d0
[ 1307.582868]  ? find_held_lock+0x2c/0x110
[ 1307.588161]  ? io_submit_sqes+0x85c0/0x85c0
[ 1307.589053]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1307.590046]  ? wait_for_completion_io+0x270/0x270
[ 1307.591033]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1307.591998]  ? vfs_write+0x354/0xa70
[ 1307.592783]  ? fput_many+0x2f/0x1a0
[ 1307.593531]  ? ksys_write+0x1a9/0x260
[ 1307.594331]  ? __ia32_sys_read+0xb0/0xb0
[ 1307.595173]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1307.596248]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1307.597309]  do_syscall_64+0x33/0x40
[ 1307.598067]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1307.599111] RIP: 0033:0x7f06e6057b19
[ 1307.599893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1307.603649] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1307.605222] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1307.606675] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1307.608144] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1307.609611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1307.611060] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1307.612565] CPU: 0 PID: 8571 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1307.614065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1307.615862] Call Trace:
[ 1307.616438]  dump_stack+0x107/0x167
[ 1307.617251]  should_fail.cold+0x5/0xa
[ 1307.618102]  ? create_object.isra.0+0x3a/0xa20
[ 1307.619097]  should_failslab+0x5/0x20
[ 1307.619953]  kmem_cache_alloc+0x5b/0x310
[ 1307.620872]  ? mark_held_locks+0x9e/0xe0
[ 1307.621767]  create_object.isra.0+0x3a/0xa20
[ 1307.622751]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1307.622780]  kmem_cache_alloc_bulk+0x168/0x320
[ 1307.622809]  io_submit_sqes+0x6f76/0x85c0
[ 1307.622867]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1307.622887]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1307.622920]  ? lock_downgrade+0x6d0/0x6d0
[ 1307.622937]  ? find_held_lock+0x2c/0x110
[ 1307.622963]  ? io_submit_sqes+0x85c0/0x85c0
[ 1307.622995]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1307.623021]  ? wait_for_completion_io+0x270/0x270
[ 1307.623045]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1307.623062]  ? vfs_write+0x354/0xa70
[ 1307.623086]  ? fput_many+0x2f/0x1a0
[ 1307.623110]  ? ksys_write+0x1a9/0x260
[ 1307.623134]  ? __ia32_sys_read+0xb0/0xb0
[ 1307.623165]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1307.623188]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1307.623237]  do_syscall_64+0x33/0x40
[ 1307.623262]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
04:28:20 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1307.623290] RIP: 0033:0x7f79e8f8cb19
[ 1307.623314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1307.623325] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1307.623349] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1307.623362] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1307.623374] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
04:28:20 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, 0x0, 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1307.623386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1307.623398] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1307.832867] device sit0 entered promiscuous mode
04:28:43 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000280)={0x0, 0x2e3b}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
r9 = dup2(r8, r7)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x0, 0x0)
r11 = dup2(r10, r9)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r11, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r12 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r13 = dup2(r12, 0xffffffffffffffff)
open_tree(r13, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r13, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9fb3d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64=r6, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cbbbd751153837bb0bbabba649eeed58d12819a4def43c47c1e58060f721c01233e670e8f3cae4f54becc9f5ea643a1ad83bce394b550dd2718d13f9db5346b5164a2ee6a47a8c11079b0d7b5f69e53aabff99709c1934bd0c0b78229342d464cfc1484e61d3801e11023b5013e395f64b75994df0b622409a10f1dace8e9dabddc9f8500ea22ee0a4eff959e7fac65e991a4ce1497c93fc53ae1ec9440c9660", @ANYRES32=0x0, @ANYBLOB="a60300090000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
syz_io_uring_submit(r4, r6, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x6, 0x14, 0x0, 0xe, 0x0, 0x1}, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:43 executing program 5:
r0 = creat(&(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x0)
statfs(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000280)=""/174)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100, 0xfffffffffffffffd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="0000000000000000ee00eedf141c646e0a45c4139fa6478e58b9b763d260957545b02a08939f031f949aa9e991dd4bda9402f9a8ec92a639c2421812d13a1065fc8b1c8347efa7bcc5fe4c076aaae3d14a96", @ANYRESHEX=r2, @ANYBLOB="2c77a9666a6e6f", @ANYRESHEX=r3, @ANYBLOB="2c646566596f6e9365f8743d73797374656d5f752c736d61636b6673666c6f6fff12f5493a2d3a403a24248a2c0039b2e77598ba8ac220d47ba6abb9"])
getsockopt$inet6_buf(r3, 0x29, 0x0, &(0x7f0000000540)=""/207, &(0x7f0000000640)=0xcf)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/udplite6\x00')
io_setup(0x5, &(0x7f0000000700))
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fd/3\x00')
pread64(r5, &(0x7f0000000000)=""/181, 0xb5, 0x9)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r7], 0x1}, 0x58)
perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x8, 0x1f, 0x3, 0x3, 0x0, 0x9, 0x40c00, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000180), 0x4}, 0x8000, 0x3, 0x0, 0x8, 0xffffffff, 0xff, 0xa73, 0x0, 0x80000000, 0x0, 0x1000}, r7, 0xa, r0, 0xa)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00'})
sendmmsg$inet(r1, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="14000000000000050000000007006152b2508f010008000000000000000000000000000000000000063c", @ANYRES32=r6], 0x38}}], 0x1, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2b, &(0x7f0000000400)={0x4000, {{0xa, 0x4e23, 0x6, @mcast1, 0x1}}, {{0xa, 0x4e23, 0x8000, @loopback}}}, 0x108)

04:28:43 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:43 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:43 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:28:43 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

04:28:43 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

04:28:43 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(r0, &(0x7f00000001c0)='./file1\x00', 0x925242, 0x0)
r5 = openat(r1, &(0x7f00000002c0)='./file0\x00', 0x22000, 0x9)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$netlink(0x10, 0x3, 0x0)
write$binfmt_elf64(r4, &(0x7f0000000180)=ANY=[@ANYRESDEC=r3, @ANYRES32, @ANYRES32, @ANYRES16], 0xfdef)
getpgid(0x0)
socket$packet(0x11, 0x3, 0x300)
creat(&(0x7f00000000c0)='./file0\x00', 0x108)
socket$inet_udplite(0x2, 0x2, 0x88)

[ 1330.694679] FAULT_INJECTION: forcing a failure.
[ 1330.694679] name failslab, interval 1, probability 0, space 0, times 0
[ 1330.697091] CPU: 1 PID: 8611 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1330.698462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1330.700179] Call Trace:
[ 1330.700710]  dump_stack+0x107/0x167
[ 1330.701469]  should_fail.cold+0x5/0xa
[ 1330.702242]  should_failslab+0x5/0x20
[ 1330.703036]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1330.703946]  io_submit_sqes+0x6f76/0x85c0
[ 1330.704827]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1330.705815]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1330.706804]  ? lock_downgrade+0x6d0/0x6d0
[ 1330.707649]  ? find_held_lock+0x2c/0x110
[ 1330.708484]  ? io_submit_sqes+0x85c0/0x85c0
[ 1330.709355]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1330.710345]  ? wait_for_completion_io+0x270/0x270
[ 1330.711296]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1330.712258]  ? vfs_write+0x354/0xa70
[ 1330.713004]  ? fput_many+0x2f/0x1a0
[ 1330.713752]  ? ksys_write+0x1a9/0x260
[ 1330.714513]  ? __ia32_sys_read+0xb0/0xb0
[ 1330.715348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1330.716382]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1330.717443]  do_syscall_64+0x33/0x40
[ 1330.718177]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1330.719222] RIP: 0033:0x7f79e8f8cb19
[ 1330.719981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1330.723732] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1330.725239] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1330.726697] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1330.728185] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1330.729642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1330.731086] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1330.742404] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1330.743720] FAULT_INJECTION: forcing a failure.
[ 1330.743720] name failslab, interval 1, probability 0, space 0, times 0
[ 1330.746766] CPU: 1 PID: 8612 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1330.748179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1330.749856] Call Trace:
[ 1330.750398]  dump_stack+0x107/0x167
[ 1330.751147]  should_fail.cold+0x5/0xa
[ 1330.751952]  ? create_object.isra.0+0x3a/0xa20
[ 1330.752891]  should_failslab+0x5/0x20
[ 1330.753667]  kmem_cache_alloc+0x5b/0x310
[ 1330.754503]  create_object.isra.0+0x3a/0xa20
[ 1330.755405]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1330.756469]  kmem_cache_alloc_bulk+0x168/0x320
[ 1330.757420]  io_submit_sqes+0x6f76/0x85c0
[ 1330.758298]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1330.759322]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1330.760343]  ? lock_downgrade+0x6d0/0x6d0
[ 1330.761201]  ? find_held_lock+0x2c/0x110
[ 1330.762034]  ? io_submit_sqes+0x85c0/0x85c0
[ 1330.762929]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1330.763936]  ? wait_for_completion_io+0x270/0x270
[ 1330.764930]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1330.765887]  ? vfs_write+0x354/0xa70
[ 1330.766652]  ? fput_many+0x2f/0x1a0
[ 1330.767400]  ? ksys_write+0x1a9/0x260
[ 1330.768194]  ? __ia32_sys_read+0xb0/0xb0
[ 1330.769039]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1330.770103]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1330.771174]  do_syscall_64+0x33/0x40
[ 1330.771939]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1330.772993] RIP: 0033:0x7f06e6057b19
[ 1330.773754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1330.777504] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1330.779052] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1330.780503] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1330.781958] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1330.783403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1330.784859] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:28:43 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:43 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:43 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:28:43 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = dup(r3)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x29462, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x8000000000000}, 0x0, 0xffffffffffffffff, r4, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
r8 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x100)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r8, @in_args={0x2}}, './file0\x00'})
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:43 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

04:28:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

04:28:44 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, <r1=>0x0})
r2 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r2], 0x1}, 0x58)
fcntl$setown(r0, 0x8, r2)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x5, 0x80, 0x1, 0x51, 0x0, 0x4d3, 0x20, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000040), 0x9}, 0x404, 0x6d, 0x3, 0x6, 0x1ff, 0x6, 0x3, 0x0, 0x401, 0x0, 0x8}, r1, 0xd, r0, 0xa)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffffff3}]})

04:28:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1331.182731] FAULT_INJECTION: forcing a failure.
[ 1331.182731] name failslab, interval 1, probability 0, space 0, times 0
[ 1331.185570] CPU: 1 PID: 8647 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1331.186923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1331.188658] Call Trace:
[ 1331.189187]  dump_stack+0x107/0x167
[ 1331.189940]  should_fail.cold+0x5/0xa
[ 1331.190714]  ? create_object.isra.0+0x3a/0xa20
[ 1331.191679]  should_failslab+0x5/0x20
[ 1331.192462]  kmem_cache_alloc+0x5b/0x310
[ 1331.193293]  ? mark_held_locks+0x9e/0xe0
[ 1331.194099]  create_object.isra.0+0x3a/0xa20
[ 1331.195008]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1331.196056]  kmem_cache_alloc_bulk+0x168/0x320
[ 1331.197002]  io_submit_sqes+0x6f76/0x85c0
[ 1331.197863]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.198883]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.199864]  ? lock_downgrade+0x6d0/0x6d0
[ 1331.200704]  ? find_held_lock+0x2c/0x110
[ 1331.201519]  ? io_submit_sqes+0x85c0/0x85c0
[ 1331.202418]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1331.203400]  ? wait_for_completion_io+0x270/0x270
[ 1331.204421]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1331.205369]  ? vfs_write+0x354/0xa70
[ 1331.206129]  ? fput_many+0x2f/0x1a0
[ 1331.206869]  ? ksys_write+0x1a9/0x260
[ 1331.207663]  ? __ia32_sys_read+0xb0/0xb0
[ 1331.208495]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1331.209551]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1331.210604]  do_syscall_64+0x33/0x40
[ 1331.211358]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1331.212430] RIP: 0033:0x7f79e8f8cb19
[ 1331.213186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1331.216955] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1331.218491] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1331.219961] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1331.221391] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1331.222828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1331.224283] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1331.258026] FAULT_INJECTION: forcing a failure.
[ 1331.258026] name failslab, interval 1, probability 0, space 0, times 0
[ 1331.261938] CPU: 0 PID: 8649 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1331.263593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1331.265593] Call Trace:
[ 1331.266225]  dump_stack+0x107/0x167
[ 1331.267120]  should_fail.cold+0x5/0xa
[ 1331.268073]  should_failslab+0x5/0x20
[ 1331.268998]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1331.270066]  io_submit_sqes+0x6f76/0x85c0
[ 1331.271111]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.272326]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.273503]  ? lock_downgrade+0x6d0/0x6d0
[ 1331.274556]  ? find_held_lock+0x2c/0x110
[ 1331.275553]  ? io_submit_sqes+0x85c0/0x85c0
[ 1331.276618]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1331.277796]  ? wait_for_completion_io+0x270/0x270
[ 1331.278979]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1331.280131]  ? vfs_write+0x354/0xa70
[ 1331.281049]  ? fput_many+0x2f/0x1a0
[ 1331.281934]  ? ksys_write+0x1a9/0x260
[ 1331.282852]  ? __ia32_sys_read+0xb0/0xb0
[ 1331.283856]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1331.285112]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1331.286357]  do_syscall_64+0x33/0x40
[ 1331.287243]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1331.288479] RIP: 0033:0x7f06e6057b19
[ 1331.289371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1331.293786] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1331.295627] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1331.297334] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1331.299042] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1331.300764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1331.302470] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:28:44 executing program 1:
r0 = syz_io_uring_setup(0x44e8, &(0x7f0000000140)={0x0, 0x0, 0x1f9cb365bdbc4d3c}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
write$binfmt_elf32(r3, &(0x7f00000001c0)={{0x7f, 0x45, 0x4c, 0x46, 0xf7, 0x6, 0x20, 0x1f, 0x0, 0x3, 0x3, 0x200, 0x169, 0x38, 0x118, 0x7b, 0x4, 0x20, 0x2, 0x6, 0x6, 0x7}, [{0x1, 0x8e62, 0x900, 0x7f6f, 0xfffffffd, 0x100, 0x7f, 0x1}, {0x7, 0x8000, 0x6, 0xe5e, 0x6, 0xffffa40c, 0x2}], "32dd5bc8d38c144c368bbc0df731621393eb4528a5343debb598408e9285594de49996e70bdafec7e942a539fc31becc439a4e00a77717726953710c8d74daf78774a059fc721c93a807a413048ab7c9fc4d5c7492446d5b", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x5d0)
r6 = accept$packet(r3, 0x0, &(0x7f0000000080))
kcmp(0xffffffffffffffff, 0x0, 0x2, r4, r6)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_complete(r1)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:44 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:28:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

04:28:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000040))
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1331.679542] FAULT_INJECTION: forcing a failure.
[ 1331.679542] name failslab, interval 1, probability 0, space 0, times 0
[ 1331.682366] CPU: 0 PID: 8676 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1331.683781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1331.685467] Call Trace:
[ 1331.686005]  dump_stack+0x107/0x167
[ 1331.686752]  should_fail.cold+0x5/0xa
[ 1331.687532]  ? create_object.isra.0+0x3a/0xa20
[ 1331.688457]  should_failslab+0x5/0x20
[ 1331.689230]  kmem_cache_alloc+0x5b/0x310
[ 1331.690062]  create_object.isra.0+0x3a/0xa20
[ 1331.690956]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1331.692009]  kmem_cache_alloc_bulk+0x168/0x320
[ 1331.692949]  io_submit_sqes+0x6f76/0x85c0
[ 1331.693830]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.694839]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1331.695831]  ? lock_downgrade+0x6d0/0x6d0
[ 1331.696671]  ? find_held_lock+0x2c/0x110
[ 1331.697500]  ? io_submit_sqes+0x85c0/0x85c0
[ 1331.698404]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1331.699383]  ? wait_for_completion_io+0x270/0x270
[ 1331.700365]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1331.701296]  ? vfs_write+0x354/0xa70
[ 1331.702049]  ? fput_many+0x2f/0x1a0
[ 1331.702781]  ? ksys_write+0x1a9/0x260
[ 1331.703559]  ? __ia32_sys_read+0xb0/0xb0
[ 1331.704375]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1331.705426]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1331.706464]  do_syscall_64+0x33/0x40
[ 1331.707209]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1331.708243] RIP: 0033:0x7f06e6057b19
[ 1331.708991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1331.712672] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1331.714192] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1331.715612] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1331.717018] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1331.718431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1331.719856] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:28:58 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

04:28:58 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

04:28:58 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:58 executing program 5:
msgget$private(0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = msgget(0x2, 0x22e)
msgctl$IPC_RMID(r1, 0x0)
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000040)=""/25)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r2 = msgget(0x3, 0x102)
msgsnd(r2, &(0x7f00000000c0)={0x1}, 0x8, 0x0)
msgctl$MSG_STAT_ANY(r2, 0xd, &(0x7f0000000200)=""/80)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
pread64(0xffffffffffffffff, &(0x7f00000005c0), 0x0, 0x0)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000380)=ANY=[@ANYBLOB='l'], 0xec, 0x0)
msgsnd(r3, &(0x7f00000006c0)={0x1}, 0x8, 0x0)
msgrcv(r3, &(0x7f0000000700)={0x0, ""/4096}, 0x1008, 0xde9a3e1aad67db98, 0x0)
msgctl$IPC_STAT(r3, 0x2, &(0x7f0000000140)=""/155)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x1100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0xa)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0)
msgrcv(r3, &(0x7f0000000080)={0x0, ""/70}, 0x4e, 0x2, 0x2000)

04:28:58 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

04:28:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:58 executing program 2:
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x14000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x8000, 0xffffffffbb075f83, 0x6, 0x0, 0x40000000007ff, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreqsrc(r1, 0x0, 0x25, &(0x7f0000000080)={@dev={0xac, 0x14, 0x14, 0x3a}, @dev={0xac, 0x14, 0x14, 0x1d}, @remote}, 0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x10, r2, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000000080)={@multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @local}, 0xc)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x4)
ioctl$CDROM_SELECT_SPEED(r3, 0x127f, 0x0)
sendto$inet(r3, &(0x7f00000000c0)="25cbcf2584228da8e406eef1bd842fe0f6fe62756a7a201f7d0736abed3dc638791cabeaae32df190bfbac1367f54a07ff7ff95699f52c779329e74b8943a4b1c8a75e23ef8f3fac938af0cab4950576b8adf03d9ee6a166d5c015a35fb708d99935dbc4643f01210ae95959f8ab0705c597d01102d5f5bc7cd10369a4d0e22c5ecaad19e404d2416f3dd980867812afa40ce63256a355cce21d759c266ed971957bebfe74f1f924de9b8d677cf10da8863d7d5f83b6b3c10be766451cfd08cfc985bcb279f658e7", 0xc8, 0x2048891, &(0x7f00000001c0)={0x2, 0x4e24, @broadcast}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)=ANY=[@ANYRES32])
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r5, 0x0, 0x0, 0x8000)
ftruncate(r5, 0x5)
ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000140)={'lo\x00'})
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000400)={0x3, 0x5, 0x4, 0xd, 0x7d6})
readahead(r0, 0x2, 0x9e2c)
pipe2(&(0x7f0000000200)={<r6=>0xffffffffffffffff}, 0x4800)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'veth0_to_hsr\x00'})

04:28:58 executing program 1:
r0 = syz_io_uring_setup(0x3159, &(0x7f00000001c0)={0x0, 0x8000}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ff2000/0x2000)=nil, 0x2000, 0x8, 0x20010, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_NOP={0x0, 0x2}, 0x3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r4, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1345.376960] FAULT_INJECTION: forcing a failure.
[ 1345.376960] name failslab, interval 1, probability 0, space 0, times 0
[ 1345.380009] CPU: 0 PID: 8691 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1345.381487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1345.383295] Call Trace:
[ 1345.383877]  dump_stack+0x107/0x167
[ 1345.384686]  should_fail.cold+0x5/0xa
[ 1345.385516]  ? create_object.isra.0+0x3a/0xa20
[ 1345.386700]  should_failslab+0x5/0x20
[ 1345.387701]  kmem_cache_alloc+0x5b/0x310
[ 1345.388764]  ? mark_held_locks+0x9e/0xe0
[ 1345.389833]  create_object.isra.0+0x3a/0xa20
[ 1345.390966]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1345.392331]  kmem_cache_alloc_bulk+0x168/0x320
[ 1345.393558]  io_submit_sqes+0x6f76/0x85c0
[ 1345.394527]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.395627]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.396707]  ? lock_downgrade+0x6d0/0x6d0
[ 1345.397633]  ? find_held_lock+0x2c/0x110
[ 1345.398543]  ? io_submit_sqes+0x85c0/0x85c0
[ 1345.399519]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1345.400605]  ? wait_for_completion_io+0x270/0x270
[ 1345.401668]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1345.402658]  ? vfs_write+0x354/0xa70
[ 1345.403466]  ? fput_many+0x2f/0x1a0
[ 1345.404252]  ? ksys_write+0x1a9/0x260
[ 1345.405080]  ? __ia32_sys_read+0xb0/0xb0
[ 1345.405951]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1345.407065]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1345.408192]  do_syscall_64+0x33/0x40
[ 1345.408981]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1345.410099] RIP: 0033:0x7f06e6057b19
[ 1345.410890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1345.414793] RSP: 002b:00007f06e35cd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1345.416438] RAX: ffffffffffffffda RBX: 00007f06e616af60 RCX: 00007f06e6057b19
[ 1345.417917] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1345.419408] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1345.420895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1345.422384] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
[ 1345.448546] FAULT_INJECTION: forcing a failure.
[ 1345.448546] name failslab, interval 1, probability 0, space 0, times 0
[ 1345.450661] CPU: 1 PID: 8705 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1345.451576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1345.452678] Call Trace:
[ 1345.453024]  dump_stack+0x107/0x167
[ 1345.453495]  should_fail.cold+0x5/0xa
[ 1345.453997]  ? create_object.isra.0+0x3a/0xa20
[ 1345.454604]  should_failslab+0x5/0x20
[ 1345.455103]  kmem_cache_alloc+0x5b/0x310
[ 1345.455642]  ? mark_held_locks+0x9e/0xe0
[ 1345.456172]  create_object.isra.0+0x3a/0xa20
[ 1345.456750]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1345.457423]  kmem_cache_alloc_bulk+0x168/0x320
[ 1345.458029]  io_submit_sqes+0x6f76/0x85c0
[ 1345.458599]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.459243]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.459897]  ? lock_downgrade+0x6d0/0x6d0
[ 1345.460424]  ? find_held_lock+0x2c/0x110
[ 1345.460955]  ? io_submit_sqes+0x85c0/0x85c0
[ 1345.461518]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1345.462140]  ? wait_for_completion_io+0x270/0x270
[ 1345.462768]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1345.463363]  ? vfs_write+0x354/0xa70
[ 1345.463880]  ? fput_many+0x2f/0x1a0
[ 1345.464353]  ? ksys_write+0x1a9/0x260
[ 1345.464857]  ? __ia32_sys_read+0xb0/0xb0
[ 1345.465388]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1345.466061]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1345.466736]  do_syscall_64+0x33/0x40
[ 1345.467212]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1345.467887] RIP: 0033:0x7f79e8f8cb19
[ 1345.468371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1345.470759] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1345.471751] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1345.472667] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1345.473583] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1345.474503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1345.475411] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:28:58 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:28:58 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:28:58 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x4}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:28:58 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

04:28:58 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000440)=[{&(0x7f0000000040)=' ', 0x1}], 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='environ\x00')
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000000c0))
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/225, 0xe1}, {&(0x7f0000000480)=""/213, 0xd5}], 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000c00)={<r1=>0xffffffffffffffff})
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8800000)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000002e2f66694103db8921b2f14820d43688acd2b5d34776606c"])
dup2(0xffffffffffffffff, 0xffffffffffffffff)

[ 1345.656555] FAULT_INJECTION: forcing a failure.
[ 1345.656555] name failslab, interval 1, probability 0, space 0, times 0
[ 1345.658231] CPU: 1 PID: 8721 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1345.659073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1345.660101] Call Trace:
[ 1345.660429]  dump_stack+0x107/0x167
[ 1345.660908]  should_fail.cold+0x5/0xa
[ 1345.661381]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1345.662039]  should_failslab+0x5/0x20
[ 1345.662503]  __kmalloc_node+0x76/0x420
[ 1345.662996]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1345.663613]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1345.664242]  kmem_cache_alloc_bulk+0x182/0x320
[ 1345.664819]  io_submit_sqes+0x6f76/0x85c0
[ 1345.665360]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.665970]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1345.666579]  ? lock_downgrade+0x6d0/0x6d0
[ 1345.667097]  ? find_held_lock+0x2c/0x110
[ 1345.667613]  ? io_submit_sqes+0x85c0/0x85c0
[ 1345.668165]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1345.668773]  ? wait_for_completion_io+0x270/0x270
[ 1345.669386]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1345.669979]  ? vfs_write+0x354/0xa70
[ 1345.670450]  ? fput_many+0x2f/0x1a0
[ 1345.670917]  ? ksys_write+0x1a9/0x260
[ 1345.671393]  ? __ia32_sys_read+0xb0/0xb0
[ 1345.671922]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1345.672582]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1345.673227]  do_syscall_64+0x33/0x40
[ 1345.673704]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1345.674346] RIP: 0033:0x7f79e8f8cb19
[ 1345.674819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1345.677130] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1345.678087] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1345.678992] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1345.679901] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1345.680791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1345.681687] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:29:12 executing program 2:
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, <r0=>0x0})
sched_rr_get_interval(r0, &(0x7f0000000040))
r1 = gettid()
timer_create(0x7, &(0x7f00000004c0)={0x0, 0x6, 0x4, @thr={&(0x7f0000000380)="824ba842a993e6769504c3d1e877efd3695ff80d2ecd86c3d47df40205ccc8d16560d1f9415b38f26529a82f3936ccc33117534336b822dee9f4324e54c1881455adeff2112b9abdc8fc7dd8aa8a71b249d36cda36d2943efd078f9e2bc694918776505cb396f025e8900099be0203b3f10d0105fa193fb3a82e21", &(0x7f0000000400)="a848d6acef53b91ceab2ed3b3e2066789d3f0efa298b501d1310900ae2467a738b354561704d262b79d1ca3157a63d5e35e6d1b090588b3242307799dc50e3d355b6d3c35054335cadb8d05d78996b06ec35154e27b0dc690a290bb2b7ab090d254d5c41a4777682f407babfaf9ab873bf2609372684a41d9239ccb732cc4f4b27aa1fd35250325eb066a59d3e4bf3d815e66034384ac6226590c10146714b9f92b9ee2bb8f59ac620"}}, &(0x7f0000000500))
sched_rr_get_interval(r1, &(0x7f0000000080))
r2 = getpgid(r1)
clone3(&(0x7f0000000300)={0x40001000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x37}, &(0x7f0000000180)=""/219, 0xdb, &(0x7f0000000280)=""/41, &(0x7f00000002c0)=[r2, r1, r1, 0x0], 0x4}, 0x58)
prctl$PR_GET_TIMERSLACK(0x1e)

04:29:12 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

04:29:12 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r4=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r3], 0x1}, 0x58)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r5}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r4, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r5}}, 0xae8b)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x4007, @fd_index, 0x7, 0x4, 0xfff, 0x9, 0x1, {0x3, r5}}, 0x1000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r6, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:12 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:12 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

04:29:12 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c6163264b73653dd8e362408723471280f72f335cbb04f17c4d75e4bca102fd3f835e8fa1fc523a4645a8f02b7218f7c802cef01703b0584a2a0211c5f10f10f5c86c02924db4713f70ee0bbf9745340a027481503035abe79d6714e2280039ffa3d394fafbd696d880dc0b13b21c176d209af356738f4fed6063563fcc180d9b6cb22c39860a7ea0ef545d61056d40e5078944e9f52d94f0267b3754e64e00acab49fb5f0aaa41c906421fc95714a5d916422c9896ee11cd1cadd0c5b96f11acd7b8e6248a3937baf368ea24329b988704f95bd0433c98b7d8ceb99c0bd166b75c99f6a11db31eea99d721d7328ed5c3286db4b340d955fbecc32ec4cfdc136b52bddb6792c2a42aaf3fae59406e7eb0249437319fa026511cc8caef7571b5442de68318a627fc4c3e0da83253b0f133952672175da958a909f146e6f17aa0b446ead7634860a2f31e2d0b233135c0c52da7a3449b4f6f813e5e17c1374a5ffea529ccdc5aff7cf9dc5fde741ada147bd10f8c12d22a36b62c59cb4071d9d2c7fce7336db6b4e07bd609517978a6d3d59aecd0171db0239aa2e522f3060000000000", @ANYRESDEC, @ANYBLOB=',\x00'])

04:29:12 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

04:29:12 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1359.958953] FAULT_INJECTION: forcing a failure.
[ 1359.958953] name failslab, interval 1, probability 0, space 0, times 0
[ 1359.961305] CPU: 0 PID: 8745 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1359.962571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1359.964139] Call Trace:
[ 1359.964638]  dump_stack+0x107/0x167
[ 1359.965334]  should_fail.cold+0x5/0xa
[ 1359.966055]  ? create_object.isra.0+0x3a/0xa20
[ 1359.966918]  should_failslab+0x5/0x20
[ 1359.967632]  kmem_cache_alloc+0x5b/0x310
[ 1359.968385]  ? mark_held_locks+0x9e/0xe0
[ 1359.969118]  create_object.isra.0+0x3a/0xa20
[ 1359.969913]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1359.970836]  kmem_cache_alloc_bulk+0x168/0x320
[ 1359.971667]  io_submit_sqes+0x6f76/0x85c0
[ 1359.972447]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1359.973360]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1359.974233]  ? lock_downgrade+0x6d0/0x6d0
[ 1359.974974]  ? find_held_lock+0x2c/0x110
[ 1359.975710]  ? io_submit_sqes+0x85c0/0x85c0
[ 1359.976560]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1359.977446]  ? wait_for_completion_io+0x270/0x270
[ 1359.978296]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1359.979124]  ? vfs_write+0x354/0xa70
[ 1359.979788]  ? fput_many+0x2f/0x1a0
[ 1359.980444]  ? ksys_write+0x1a9/0x260
[ 1359.981153]  ? __ia32_sys_read+0xb0/0xb0
[ 1359.981884]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1359.982803]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1359.983729]  do_syscall_64+0x33/0x40
[ 1359.984396]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1359.985302] RIP: 0033:0x7f79e8f8cb19
[ 1359.985970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1359.989291] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1359.990653] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1359.991926] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1359.993197] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1359.994462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1359.995732] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
[ 1360.063901] FAULT_INJECTION: forcing a failure.
[ 1360.063901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1360.066689] CPU: 1 PID: 8749 Comm: syz-executor.7 Not tainted 5.10.207 #1
[ 1360.068091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1360.069784] Call Trace:
[ 1360.070332]  dump_stack+0x107/0x167
[ 1360.071087]  should_fail.cold+0x5/0xa
[ 1360.071922]  _copy_to_user+0x2e/0x180
[ 1360.072720]  simple_read_from_buffer+0xcc/0x160
[ 1360.073685]  proc_fail_nth_read+0x198/0x230
[ 1360.074579]  ? proc_sessionid_read+0x230/0x230
[ 1360.075512]  ? security_file_permission+0x24e/0x570
[ 1360.076540]  ? perf_trace_initcall_start+0x101/0x380
[ 1360.077592]  ? proc_sessionid_read+0x230/0x230
[ 1360.078524]  vfs_read+0x228/0x580
[ 1360.079231]  ksys_read+0x12d/0x260
[ 1360.079971]  ? vfs_write+0xa70/0xa70
[ 1360.080730]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1360.081836]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1360.082880]  do_syscall_64+0x33/0x40
[ 1360.083672]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1360.084713] RIP: 0033:0x7f06e600a69c
[ 1360.085469] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1360.089157] RSP: 002b:00007f06e35cd170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1360.090724] RAX: ffffffffffffffda RBX: 000000000000030e RCX: 00007f06e600a69c
[ 1360.092229] RDX: 000000000000000f RSI: 00007f06e35cd1e0 RDI: 0000000000000007
[ 1360.093708] RBP: 00007f06e35cd1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1360.095365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1360.097079] R13: 00007ffd67a8a83f R14: 00007f06e35cd300 R15: 0000000000022000
04:29:13 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:13 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

04:29:13 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

04:29:13 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:13 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x0, {{0x2, 0xffff, @empty}}, {{0x3e, 0x0, @private=0xa010101}}}, 0x118)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000200)={0x0, 0x0, 0x0, 'queue1\x00'})
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = dup2(r4, r3)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r6=>r2, @ANYBLOB="0109000000000000002f66696c653000"])
r7 = syz_genetlink_get_family_id$batadv(0x0, r5)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r6, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0x8, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r7, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0xfec6, 0x39, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050884)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', <r9=>0x0})
setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000100)={r9, 0x3, 0x6}, 0x10)
setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000080)={r9, 0x1, 0x6, @dev}, 0x10)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="02000000000000000000000086bcba144828", @ANYRES32=r9, @ANYBLOB="0500290001000000"], 0x24}, 0x1, 0x0, 0x0, 0x24040010}, 0x40040)
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000000)={{{@in6=@local, @in=@empty, 0x4e22, 0x5, 0x4e24, 0x200, 0x2, 0x80, 0x0, 0x5c, r9}, {0xe941, 0x9, 0x101, 0x1, 0x1, 0x1, 0xc1e, 0x6}, {0x0, 0x5, 0x25a6, 0x80}, 0x80, 0x6e6bb4, 0x1, 0x0, 0x0, 0x3}, {{@in6=@local, 0x4d2, 0x6c}, 0x2, @in6=@mcast1, 0x3507, 0x0, 0x0, 0x0, 0x9, 0x9, 0x8}}, 0xe8)
ioctl$sock_TIOCINQ(r5, 0x541b, &(0x7f00000002c0))

[ 1360.364000] FAULT_INJECTION: forcing a failure.
[ 1360.364000] name failslab, interval 1, probability 0, space 0, times 0
[ 1360.367009] CPU: 1 PID: 8770 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1360.368598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1360.370513] Call Trace:
[ 1360.371128]  dump_stack+0x107/0x167
[ 1360.371987]  should_fail.cold+0x5/0xa
[ 1360.372872]  should_failslab+0x5/0x20
[ 1360.373743]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1360.374774]  io_submit_sqes+0x6f76/0x85c0
[ 1360.375759]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1360.376909]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1360.378013]  ? lock_downgrade+0x6d0/0x6d0
[ 1360.378954]  ? find_held_lock+0x2c/0x110
[ 1360.379898]  ? io_submit_sqes+0x85c0/0x85c0
[ 1360.380899]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1360.382006]  ? wait_for_completion_io+0x270/0x270
[ 1360.383101]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1360.384170]  ? vfs_write+0x354/0xa70
[ 1360.385018]  ? fput_many+0x2f/0x1a0
[ 1360.385842]  ? ksys_write+0x1a9/0x260
[ 1360.386704]  ? __ia32_sys_read+0xb0/0xb0
[ 1360.387631]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1360.388822]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1360.389997]  do_syscall_64+0x33/0x40
[ 1360.390839]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1360.392022] RIP: 0033:0x7f79e8f8cb19
[ 1360.392867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1360.397068] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1360.398784] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1360.400409] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1360.402005] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1360.403598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1360.405200] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:29:28 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

04:29:28 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00')
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
renameat(r0, &(0x7f0000000080)='./mnt\x00', r2, &(0x7f00000001c0)='./mnt\x00')

04:29:28 executing program 5:
io_submit(0x0, 0x2, &(0x7f0000001680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000340)={0x53, 0x0, 0x9a, 0x0, @buffer={0x300, 0xa3, &(0x7f00000005c0)=""/163}, &(0x7f0000000400)="4feb7dc9166b6447a088582072c238800a92451d113f8c0580441e896595a1225a3281da76798b7719fc27f0eb034bc3c3e044325e23da760e24d95176cba6d60bbfc84ff236bb97f7da861f57098517a4a0388b164252c800d28d9a831a1260bc3e880a07351c1f28eee500c2f1004342ba3272a00163c884ad4552414515f7a89911795367113a97934e08bac36a1b9dfa83b8c1139ad48e9d", 0x0, 0x2, 0x0, 0x4, 0x0})
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
openat(r4, &(0x7f0000000040)='./file0\x00', 0x585180, 0x83)
openat(r1, &(0x7f0000000500)='./file0\x00', 0x400000, 0x20)
dup3(r2, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000240), &(0x7f00000001c0))
ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000000))

04:29:28 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:28 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0))

04:29:28 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:28 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000240), 0x6}, 0x0, 0x40000000, 0x100000, 0x4, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
copy_file_range(r0, &(0x7f0000000040)=0x3, r0, &(0x7f00000001c0)=0x4, 0x8, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0x13, r5, 0x0)
syz_io_uring_complete(r6)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x3000000, 0x20010, r0, 0x10000000)
r8 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r9=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r8], 0x1}, 0x58)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r10}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r9, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r10}}, 0xae8b)
pipe(&(0x7f00000001c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472616e733d66642c7286102e8e2066646e6f3d305578030d5418d847e8708c636c2502acbef8a09fd660c750d79fa20e1cd43c0f12ea11d2eb768a83883b8d058db190162db18211c47ec8e53fe060edde16adf0acd8df06ff1c823e2480f83ac83e47517c13996620d33db874e434f38ae776504860842e5a32e999630b43f2eebe6e4ee6a68843281477f2788abc62bbd636815b86fa6ed9a0f7d5fb90bc41feb522f601347b2910899b1f27e56be5640504f55ce185", @ANYRESHEX=r11, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB="2c646566636f6e746578743d73797374656d5f752c736d61636b6673666c6f6f723dd2403a2d3a403a2424402c00"])
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd_index=0x7, 0x7, {0x0, r3}, 0xfffffffa, 0x4, 0x0, {0x0, r10, r12}}, 0x2)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:28 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1375.457995] FAULT_INJECTION: forcing a failure.
[ 1375.457995] name failslab, interval 1, probability 0, space 0, times 0
[ 1375.460826] CPU: 0 PID: 8794 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1375.462324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1375.464147] Call Trace:
[ 1375.464723]  dump_stack+0x107/0x167
[ 1375.465512]  should_fail.cold+0x5/0xa
[ 1375.466338]  ? create_object.isra.0+0x3a/0xa20
[ 1375.467335]  should_failslab+0x5/0x20
[ 1375.468195]  kmem_cache_alloc+0x5b/0x310
[ 1375.469097]  ? mark_held_locks+0x9e/0xe0
[ 1375.470002]  create_object.isra.0+0x3a/0xa20
[ 1375.470959]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1375.472094]  kmem_cache_alloc_bulk+0x168/0x320
[ 1375.473095]  io_submit_sqes+0x6f76/0x85c0
[ 1375.474027]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1375.475105]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1375.476171]  ? io_submit_sqes+0x85c0/0x85c0
[ 1375.477110]  ? recalibrate_cpu_khz+0x10/0x10
[ 1375.478069]  ? ktime_get+0x158/0x1f0
[ 1375.478846]  ? setup_APIC_eilvt+0x2f0/0x2f0
[ 1375.479781]  ? clockevents_program_event+0x131/0x360
[ 1375.480834]  ? tick_program_event+0xa8/0x140
[ 1375.481773]  ? hrtimer_interrupt+0x771/0x9b0
[ 1375.482699]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1375.483833]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1375.484902]  do_syscall_64+0x33/0x40
[ 1375.485703]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1375.486823] RIP: 0033:0x7f79e8f8cb19
[ 1375.487628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1375.491651] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1375.493303] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1375.494854] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1375.496535] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1375.498085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1375.499632] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:29:28 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000080)=0x90, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000040))
ioctl$sock_inet_SIOCGIFBRDADDR(0xffffffffffffffff, 0x8919, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x15, @loopback, 0x7fffffff}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000002ec0), 0x4)
ioctl$BTRFS_IOC_SNAP_CREATE(r1, 0x50009401, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @remote, 0xfffffffe}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x7, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}, ["", ""]}, 0x14}}, 0x0)
dup2(r2, r3)
recvfrom$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001)
recvfrom$inet6(r1, &(0x7f0000001700)=""/4099, 0xffffffc9, 0xcd08, 0x0, 0xfffffffffffffe77)

04:29:28 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:28 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0))

04:29:28 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:29:28 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1, 0x0, 0x0, 0x0)

04:29:28 executing program 2:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x9c20, 0x0, 0x0, 0x1ec}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r5=>r1, @ANYBLOB="0500000000000000772f66696c653000"])
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000140), 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0, 0x2203, 0x0, {0x1}}, 0x0)
ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, 0x0)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r8], 0x1}, 0x58)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x81, 0x0)
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0xbd, 0x7, 0x7f, 0x2, 0x0, 0x8000, 0x80, 0xa, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x3, 0x5}, 0x3002, 0x5, 0x1, 0x3, 0x200, 0xab9, 0x6, 0x0, 0x5, 0x0, 0x9}, r8, 0x4, r9, 0x3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
dup2(r0, r6)

04:29:28 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

04:29:28 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:28 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:29:28 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0))

04:29:28 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0x13, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
r7 = dup2(r6, r5)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/block/loop7', 0x20c80, 0x0)
r9 = dup2(r8, r7)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r9, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r10 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = dup2(r10, 0xffffffffffffffff)
open_tree(r11, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r11, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9fb3d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cb", @ANYRES32=0x0, @ANYBLOB="a60300090000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r13}}, 0x8000)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:28 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5, 0x0, 0x0, 0x0)

[ 1375.943709] FAULT_INJECTION: forcing a failure.
[ 1375.943709] name failslab, interval 1, probability 0, space 0, times 0
[ 1375.946483] CPU: 0 PID: 8831 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1375.947916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1375.949704] Call Trace:
[ 1375.950260]  dump_stack+0x107/0x167
[ 1375.951032]  should_fail.cold+0x5/0xa
[ 1375.951832]  ? create_object.isra.0+0x3a/0xa20
[ 1375.952797]  should_failslab+0x5/0x20
[ 1375.953595]  kmem_cache_alloc+0x5b/0x310
[ 1375.954481]  create_object.isra.0+0x3a/0xa20
[ 1375.955413]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1375.956502]  kmem_cache_alloc_bulk+0x168/0x320
[ 1375.957474]  io_submit_sqes+0x6f76/0x85c0
[ 1375.958398]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1375.959445]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1375.960468]  ? lock_downgrade+0x6d0/0x6d0
[ 1375.961328]  ? find_held_lock+0x2c/0x110
[ 1375.962195]  ? io_submit_sqes+0x85c0/0x85c0
[ 1375.963116]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1375.964153]  ? wait_for_completion_io+0x270/0x270
[ 1375.965163]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1375.966131]  ? vfs_write+0x354/0xa70
[ 1375.966922]  ? fput_many+0x2f/0x1a0
[ 1375.967690]  ? ksys_write+0x1a9/0x260
[ 1375.968495]  ? __ia32_sys_read+0xb0/0xb0
[ 1375.969362]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1375.970455]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1375.971548]  do_syscall_64+0x33/0x40
[ 1375.972356]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1375.973443] RIP: 0033:0x7f79e8f8cb19
[ 1375.974224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1375.978089] RSP: 002b:00007f79e6502188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1375.979689] RAX: ffffffffffffffda RBX: 00007f79e909ff60 RCX: 00007f79e8f8cb19
[ 1375.981208] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1375.982705] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1375.984206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1375.985698] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:29:29 executing program 1:
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000200)={0x2, [0x0, 0x0]})
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(r3, &(0x7f0000000040)='./file0\x00', 0x4000, 0x2)
creat(&(0x7f00000001c0)='./file0\x00', 0xa0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:29 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:45 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:29:45 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000000140)="2f0000009f", 0x5, 0x800}], 0x0, &(0x7f0000000080))

04:29:45 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:45 executing program 6:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0x13, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
r7 = dup2(r6, r5)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/block/loop7', 0x20c80, 0x0)
r9 = dup2(r8, r7)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r9, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r10 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = dup2(r10, 0xffffffffffffffff)
open_tree(r11, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r11, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9fb3d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cb", @ANYRES32=0x0, @ANYBLOB="a60300090000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r13}}, 0x8000)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:45 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:29:45 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0)

04:29:45 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x13, r0, 0x10000000)
r6 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r7=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r6], 0x1}, 0x58)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r8}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r7, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r8}}, 0xae8b)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index=0x6, 0x1, 0x0, 0x1, 0x1, 0x1, {0x0, r8}}, 0x1)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:45 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

[ 1392.724637] FAULT_INJECTION: forcing a failure.
[ 1392.724637] name failslab, interval 1, probability 0, space 0, times 0
[ 1392.727019] CPU: 0 PID: 8880 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1392.728225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1392.729664] Call Trace:
[ 1392.730135]  dump_stack+0x107/0x167
[ 1392.730776]  should_fail.cold+0x5/0xa
[ 1392.731446]  should_failslab+0x5/0x20
[ 1392.732100]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1392.732891]  io_submit_sqes+0x6f76/0x85c0
[ 1392.733616]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1392.734480]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1392.735353]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1392.736201]  ? lock_downgrade+0x6d0/0x6d0
[ 1392.736946]  ? find_held_lock+0x2c/0x110
[ 1392.737674]  ? io_submit_sqes+0x85c0/0x85c0
[ 1392.738434]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1392.739301]  ? wait_for_completion_io+0x270/0x270
[ 1392.740149]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1392.740978]  ? vfs_write+0x354/0xa70
[ 1392.741656]  ? fput_many+0x2f/0x1a0
[ 1392.742299]  ? ksys_write+0x1a9/0x260
[ 1392.742978]  ? __ia32_sys_read+0xb0/0xb0
[ 1392.743699]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1392.744636]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1392.745579]  do_syscall_64+0x33/0x40
[ 1392.746237]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1392.747154] RIP: 0033:0x7fcdd7801b19
[ 1392.747805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1392.751042] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1392.752387] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1392.753632] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1392.754872] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1392.756120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1392.757379] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
[ 1392.770078] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 1392.795138] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 159)!
[ 1392.796793] EXT4-fs (loop2): group descriptors corrupted!
[ 1392.842677] FAULT_INJECTION: forcing a failure.
[ 1392.842677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1392.844664] CPU: 0 PID: 8882 Comm: syz-executor.3 Not tainted 5.10.207 #1
[ 1392.845771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1392.845869] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 1392.847185] Call Trace:
[ 1392.847220]  dump_stack+0x107/0x167
[ 1392.847241]  should_fail.cold+0x5/0xa
[ 1392.847262]  _copy_to_user+0x2e/0x180
[ 1392.847288]  simple_read_from_buffer+0xcc/0x160
[ 1392.852065]  proc_fail_nth_read+0x198/0x230
[ 1392.852818]  ? proc_sessionid_read+0x230/0x230
[ 1392.853602]  ? security_file_permission+0x24e/0x570
[ 1392.854457]  ? perf_trace_initcall_start+0x101/0x380
[ 1392.855290]  ? proc_sessionid_read+0x230/0x230
[ 1392.856066]  vfs_read+0x228/0x580
[ 1392.856652]  ksys_read+0x12d/0x260
[ 1392.857261]  ? vfs_write+0xa70/0xa70
[ 1392.857868]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1392.858761]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1392.859519] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 159)!
[ 1392.859595]  do_syscall_64+0x33/0x40
[ 1392.861836] EXT4-fs (loop2): group descriptors corrupted!
[ 1392.862389]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1392.862399] RIP: 0033:0x7f79e8f3f69c
[ 1392.862413] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1392.862421] RSP: 002b:00007f79e6502170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1392.862445] RAX: ffffffffffffffda RBX: 000000000000030e RCX: 00007f79e8f3f69c
[ 1392.870662] RDX: 000000000000000f RSI: 00007f79e65021e0 RDI: 0000000000000007
[ 1392.871806] RBP: 00007f79e65021d0 R08: 0000000000000000 R09: 0000000000000000
[ 1392.872973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1392.874106] R13: 00007ffc64f67d7f R14: 00007f79e6502300 R15: 0000000000022000
04:29:45 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:59 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:29:59 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:59 executing program 6:
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x6ec7, 0x79}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffd}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000880)={<r1=>0x0}, &(0x7f00000008c0)=0xc)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/asound/seq/clients\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x1, 0x0, 0x80, 0x40, 0x0, 0x4, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6, 0x4}, 0x10, 0x1000, 0x7689, 0x5, 0x7fff, 0x7, 0x40, 0x0, 0x151e772, 0x0, 0x3ff}, r1, 0xb, r2, 0x1)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', <r5=>0x0})
setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000000040)=0x3f, 0x4)
bind$packet(r3, &(0x7f0000000240)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
sendfile(r3, r0, 0x0, 0x500000001)
sendmsg(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)="9133586fe8f5e9ac44974e8fd5cd4e027ae4745f90fb062bdb9aae1214b471a335fcadd3cd59ec60", 0x28}, {&(0x7f0000000280)="75b102a9b2047df7c2ac98a3ed0a5896d06d11a36f459fd35a0574ea75e6e9f4555d86b7f238cae6d514fdf3653ba55ec01d88625953db541e820d9b968823f7ca2e59a44a", 0x45}, {&(0x7f0000000300)="0930e4a14a873b10858e4b9bc38d17b2139e26d6f354b9b71df390d408faaa25362450419c3dc80f86c8b8ab913c3139c6a5a82df98552f069143983afc52c45d16f57698232791424220c1531985e889980ae25a7ce", 0x56}, {&(0x7f0000000380)="295b70fd1fa24091a953ad12dd7816e5567e2b4a48f5d11b6d58caede98f82692e3c33a059215b38210131c5942971f5aa262fa379", 0x35}, {&(0x7f00000003c0)="5182c9b01c6c9f45373c333eae21e4f57403cfd3ad943ad1ca38c01099fceb187c8a085c809bd66986720d46f7d9a79f7b37704d294dc11212cbfdee55af4431078de823d5", 0x45}], 0x5, &(0x7f00000004c0)=[{0x20, 0x1, 0x2, "b24b222eccd728a3e410"}, {0xe8, 0x3a, 0x9, "7deddf266463aaa13fa2bdaf32ae2fd97af6f2c209c63d1405d01fe2af4501aeea4dc68a4b77ceb54bcf354cb5326f58217bd2f159997b66645342e856bc4a30af983cd1032a830f16cbac5a62abb4f26c614fd315af14b74d8ffe16bb590b7aa7b03c9e9875399fc73afbba790995343cb7ea89be92bf57adda57cfe08eaa4efa38da59c1f3da8ccd8dd00b7d11d37699e2c9a3fe8e442a6a65c2a1138ef2f074ff488273f1a6343fd3f20e0c12a3b14f6815212de6e8c54d22fa78f7f4340ab266f3beb3165ab6675aa1a0c27e9d206b9f58"}, {0x48, 0x109, 0x3, "cb41e3bdbb494f308a1528cbefea4be608b315aa55b3977a2e4fdd77b7f7e270bea1a577a65ef4116341ca6954746b39e591a2"}, {0x68, 0x10b, 0x8000, "754e2bf99b750d4334d6b269c3cfb99e987e575f6afa9117a11050431fc29b1b63ae7f0289e39164623c7950364d9261a8f1cd219f2a5606d82e99d847f1ebceacbc9abaf41e34c86bc07e739f6042941cff36fcd86125"}, {0xc8, 0x3, 0x7, "3de58dd12b996c1d56bad5c3f086ebfe2413527235fd040364c4dfad1c4d53c3ba8afcd9bd2b2346070614960b5db40b4f2fcec08217b5da4e25e779c3861e4d892857f776a88bd56c4bf008e51e09fb0b2cd2d5b26b8eab0d208a9adc8c14b3359704d96d9a4550f631297568136134ddd275db98f27c0c57ea2c3fef48e804d47c6fa252ad4b648c1d4289da65883f5ae02ae0ccd2c6d41042a26c04af97c17206f7f0446cf73945188761f7f78acabd8766de4052e7a4"}, {0x70, 0x1, 0xef6, "f66be4cae83bd622e699809515309fa1ea07d865df96d0f38502d4f8457aeb480af620c448a2ae5cc4ba5c48ce3ce06022e462f07f6ac6c0484f30dbd7bbe7b216041d26e3c92321a1580e1fa138d0b98155b64e06531194f4b1"}], 0x2f0}, 0x40044)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
accept$packet(r3, 0x0, &(0x7f00000000c0))
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8060}, 0x8050)

04:29:59 executing program 2:
syz_usb_ep_write(0xffffffffffffffff, 0x2, 0xd0, &(0x7f0000000300)="11d334700fd9b5800245d818e17b23d0faec426ec658edd1d7e0d0bb59eeffc77568b12b0cedcbf85fc4ae14d4d9bf91d09910e3a57ffd90a2c30c7336b1ac15fd11132787e8f0d3da780ab6d25a3a79a37afb7c02221d768c32f239c28f120a950d7354822b99219f1fa67a0a72a1a57b87506ea55edaae4bc5bf8e73e935a40e80f4b925abae9451b87ff3b5663268c161e36674c1fdbff3b1ac5a565f6bca7eec46b588ce7ab0f2ed45a7ba3bb6c62443ed97dcf9e96194ce563e39eba009ab151b50973bcacb4a7fd057cd1e0f40")
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x6d, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x8, 0x8, 0x4, 0x0, 0xd7, 0x16, 0x7, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000000), 0x3}, 0x10, 0x80, 0x1, 0x4, 0x40, 0xffff0001, 0x40, 0x0, 0x7fffffff, 0x0, 0x7}, 0x0, 0x6, r0, 0x4)

04:29:59 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0)

04:29:59 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
bind(r3, &(0x7f00000001c0)=@generic={0x27, "6e9cd0907000364223d69638c94ea9047022d1b411983ab38b1769360dab434e40730a789a747120c13a2d2250f04f12e3d86c3b1a7dd9e332d025490487e7347bb69584607a52c90d05ccb6cd019258eef97b5642442ff5e011c1c9e21fd11f0b671ca991efb0ffa5cb4fbf2924edb6421a9fd5aa6654fd84e9f6e91485"}, 0x80)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:59 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:29:59 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1406.516760] FAULT_INJECTION: forcing a failure.
[ 1406.516760] name failslab, interval 1, probability 0, space 0, times 0
[ 1406.518355] CPU: 0 PID: 8915 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1406.519047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1406.519880] Call Trace:
[ 1406.520161]  dump_stack+0x107/0x167
[ 1406.520547]  should_fail.cold+0x5/0xa
[ 1406.520936]  ? create_object.isra.0+0x3a/0xa20
[ 1406.521399]  should_failslab+0x5/0x20
[ 1406.521790]  kmem_cache_alloc+0x5b/0x310
[ 1406.522208]  create_object.isra.0+0x3a/0xa20
[ 1406.522654]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1406.523170]  kmem_cache_alloc_bulk+0x168/0x320
[ 1406.523636]  io_submit_sqes+0x6f76/0x85c0
[ 1406.524059]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1406.524568]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1406.525074]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1406.525564]  ? lock_downgrade+0x6d0/0x6d0
[ 1406.525987]  ? find_held_lock+0x2c/0x110
[ 1406.526402]  ? io_submit_sqes+0x85c0/0x85c0
[ 1406.526845]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1406.527335]  ? wait_for_completion_io+0x270/0x270
[ 1406.527824]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1406.528304]  ? vfs_write+0x354/0xa70
[ 1406.528824]  ? fput_many+0x2f/0x1a0
[ 1406.529308]  ? ksys_write+0x1a9/0x260
[ 1406.529807]  ? __ia32_sys_read+0xb0/0xb0
[ 1406.530351]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1406.531046]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1406.531740]  do_syscall_64+0x33/0x40
[ 1406.532231]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1406.532925] RIP: 0033:0x7fcdd7801b19
[ 1406.533415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1406.535825] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1406.536838] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1406.537777] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1406.538539] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1406.539258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1406.539984] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:29:59 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
syz_io_uring_complete(0x0)
syz_io_uring_setup(0xffffffff, &(0x7f0000000280)={0x0, 0x2e3b, 0x0, 0x0, 0x3d9}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = dup2(r7, r6)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x0, 0x0)
r10 = dup2(r9, r8)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r10, 0x0, &(0x7f0000000240)=""/61, 0x3d, 0x13}, 0x20)
r11 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x2, 0x20, 0x2, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffd}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r12 = dup2(r11, 0xffffffffffffffff)
open_tree(r12, &(0x7f0000000040)='./file0\x00', 0x81000)
sendmsg$NL80211_CMD_JOIN_MESH(r12, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="209ce9826d3e576f105f8eabd24159206e76b0c1d6116ecd58ec27f37087bef0a8bcbe044890fcc0c4f4840a9fb3d0b97cff00b7cefc9155519daed58fb379b120", @ANYRES64=r5, @ANYBLOB="0102250900000000000000000800030000003a7fcaea0c93a416a0ec56f6b997aa4e29b9aa8f815a26a938b35b3d2d4493c6b5e1a587fa40eaf1f995767ba1c7a952c2b0cb73d7f1bf00e8d892363bd5066ea6757a216bb4ece0525b06c207e05009", @ANYRES32=0x0, @ANYBLOB="a60300090000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x4007, @fd_index=0x1, 0x0, 0x1000, 0x632e3a60}, 0x40)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r13 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r13, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:59 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))

04:29:59 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1ff, 0x0, 0x0, 0x0)

04:29:59 executing program 6:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000140), 0x8}, 0xdd48a83c10608be0, 0x0, 0x0, 0x2, 0x200000, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x45ae, 0x0, 0x1, 0x3b2, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000280)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000008, 0x10, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0xa084}}, 0x20)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x40f0050, r0, 0x10000000)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000440)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r7}}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(0xffffffffffffffff, r8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x5, &(0x7f0000000200), 0x1, 0x1}, 0x1)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x0, @fd=r6, 0xff, 0x9, 0xfe, 0x1d, 0x1, {0x3, r7}}, 0xcc9e)
io_uring_enter(r0, 0x76d2, 0x0, 0x0, 0x0, 0x0)
r9 = creat(&(0x7f0000000380)='./file0\x00', 0x28)
write$binfmt_elf64(r9, &(0x7f0000000100)=ANY=[], 0xfdef)
fallocate(r9, 0x6d, 0x0, 0x8000)

04:29:59 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))

04:29:59 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f00000001c0)={0x1, 0x6})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r3, 0x4008f510, &(0x7f0000000040)=0xfffffffffffffff9)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:29:59 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:14 executing program 2:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x0, 0x3)
perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7f, 0xfd, 0x1, 0x21, 0x0, 0xfc, 0x20800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xef, 0x0, @perf_config_ext={0x8, 0x93}, 0x20, 0x9, 0x31, 0x8, 0x5, 0x7, 0xf1, 0x0, 0x9, 0x0, 0x7}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0xa)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/124, 0x7c, 0x1, &(0x7f0000000240)=""/99, 0x63}, &(0x7f00000002c0)=0x40)
pkey_alloc(0x0, 0x0)
r1 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x7, r1)
pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>r0, {0x4}}, './file1\x00'})
perf_event_open(0x0, 0x0, 0x4, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
kcmp(0xffffffffffffffff, 0x0, 0x6, r0, 0xffffffffffffffff)
setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendfile(r4, r3, 0x0, 0x9bbb)

04:30:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2e, &(0x7f0000001040)=[{&(0x7f0000000680)="200000000002000019000000600100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f0000000000000e0001000000000000000b0000000001000008000000d2420000120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f21b07a36f7bb17f36567656e3133363835323430320000000000000000000800000000000000000000000000000000000000005b4a00d728e35b8b82f672597d08bcab85b14685c8d2a1fbbc730ee07996f510c7fab29443fdc2271dc23ddf48c00861c7a4ddfcad940f1ae7b07db3ab98b587a6", 0x101, 0x400}, {&(0x7f0000010100)="0000000000000000000000008395006fb905454792d9f392427055b7010040000c00000000000000d6f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000003700000000000000", 0x40, 0x540}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="03000000040000000500000016000f000300040000000000000000000f00698c", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d6f4655fd6f4655fd6f4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x1500}, {&(0x7f0000010f00)="2000000098a2e27a98a2e27a00000000d6f4655f00"/32, 0x20, 0x1580}, {&(0x7f0000011000)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000300000000200000004000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d6f4655f00"/160, 0xa0, 0x1600}, {&(0x7f0000011100)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af3020004000000000000000000000002000000400000000200000004000000420000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000d6f4655f00"/160, 0xa0, 0x1700}, {&(0x7f0000000200)="c041000000300000d6f4655fd6f4655fd6f4655f00000000000002002000000000000800000000000af301000400000000000000000000000c00000020000000", 0x40, 0x1e00}, {&(0x7f0000011300)="20000000000000000000000000000000d6f4655f00"/32, 0x20, 0x1e84}, {&(0x7f0000011400)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000002002000000000000800030000000af3010004000000000000000000000001000000500000000000000000000000000000000000000000000000000000000000000000000000000000005bbc60cd0000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x1f00}, {&(0x7f0000011500)="ed8100001a040000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af301000400000000000000000000000200000060000000000000000000000000000000000000000000000000000000000000000000000000000000491c1dd40000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2000}, {&(0x7f0000011600)="ffa1000026000000d7f4655fd7f4655fd7f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3133363835323430322f66696c65302f66696c6530000000000000000000000000000000000000000000008a6df6170000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2100}, {&(0x7f0000011700)="ed8100000a000000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000b53044900000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000d7f4655fd7f4655fd7f4655f00000000000002002000000000000800010000000af30100040000000000000000000000090000008000000000000000000000000000000000000000000000000000000000000000000000000000000059a976290000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0x1a0, 0x2200}, {&(0x7f0000011900)="ed81000064000000d7f4655fd7f4655fd7f4655f00000000000001002000000000000800010000000af3010004000000000000000000000001000000900000000000000000000000000000000000000000000000000000000000000000000000000000002248c6120000000000000000000000000000000000000000000000002000000098a2e27a98a2e27a98a2e27ad7f4655f98a2e27a0000000000000000", 0xa0, 0x2400}, {&(0x7f0000011a00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x4000}, {&(0x7f0000011b00)="0b0000000c0001022e00000002000000f40302022e2e00"/32, 0x20, 0x8000}, {&(0x7f0000011c00)="00000000000400"/32, 0x14, 0x8400}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x8800}, {&(0x7f0000000040)="00000000000400"/32, 0x20, 0x8c00}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x9002}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x9400}, {&(0x7f0000012100)="00000000000400"/32, 0xffffff36, 0x9800}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x9c00}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0xa000}, {&(0x7f0000012400)="00000000000400"/32, 0x20, 0x200000a400}, {&(0x7f0000012500)="00000000000400"/32, 0x20, 0xa800}, {&(0x7f0000012600)="00000000000400"/32, 0x20, 0xac00}, {&(0x7f0000012700)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0xc000}, {&(0x7f0000012800)="0200"/32, 0x20, 0xc400}, {&(0x7f0000012900)="0300"/32, 0x20, 0xc800}, {&(0x7f0000012a00)="0400"/32, 0x20, 0xcc00}, {&(0x7f0000012b00)="0500"/32, 0x20, 0xd000}, {&(0x7f0000012c00)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0xd400}, {&(0x7f0000012d00)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x10000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x10400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x10800}, {&(0x7f0000000080)="040000000000620000000000000000000000000000000000000000000000e50a0000b09de9c293430ac06803bdb3", 0x20, 0x10c00}, {&(0x7f00000000c0)="0500"/32, 0x20, 0x11000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000c00100"/96, 0x60, 0x11400}, {&(0x7f0000013300)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d803050766696c653100"/64, 0x40, 0x14000}, {&(0x7f0000013400)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x18000}, {&(0x7f0000013900)='syzkallers\x00'/32, 0x20, 0x2}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x24000}, {&(0x7f0000000140)="4e2aa91066351161c96b771db5715c0587d35398a34ff19a68577e6122ef919919077e9d8387503b51d70dda8647fb3b70f804e52297a72c826f3b69b6e3e5b8efce5bf2c2b9fd61a9895bb01e33c0eb97b099d3ad8c0bbbdb83cf981c45fe59c089921ed4ae96d62386a7f135bc609a7f3a80357f", 0x0, 0x1f}, {&(0x7f00000007c0)="ae06929cf94df6d518c2289c04b2d281f2c5062f31851914c1b14f39bd75c58b745b34a4ab9976dc8ccc15b5be188c00ae1a6f7fb861d4de98925e954ca294bfc7c42a2d30e1faa614b6128509c8c455480167b8bb7fb2ba04f0468d22d80cc003dc1e2c5576b563cc53658a6fbbee901948c4a9cecbab0074eee66c9b81ee8385ee9a4709bad2362240f52b1813e0d4cc3ca0c27cf7b69c2decadb90c5c5297985e5aa574e4367833cd1322491d28512ee69956d62a84d7be87197956ae5a", 0x0, 0x8}, {&(0x7f0000000880)="50da91c9459781e288c4ae44ff5823ad7b4bc9c6f896c16aeb7cb73f0155388fe6a7f89cbebc7d86e94b2e94e082081105f25906fa5908ce2ec9da173e482d4713894973c7cfd8050a5f2b4619f6e3d0559543d59c4a69d37c4236a67e7b18ea03aa7de510e61c4b070ef192cfa0388035056284cad6ad48edc4a73ebdcac9b838fdc2f4", 0x0, 0x3}, {&(0x7f0000000940)="8370afdf7767c378b5b2cef917a83eeb3e122eb26d13f6b7c718644f5fb755810b3de5d1327263f8dc6e4d3aed6e9a29cfcf6ba4469150360a33154e3bc8de4ae872770ff35f2d2e1e43b6dbb6fca2671046612a7fb4690e03c7c74255fa7c4ae49031f612de4e5730a37d55bfebb030238bce3777c515425f88719ef69ae9b9ae1a801ea1e25ec88d9a2504c9becb3afd6ea86989e38dac92316fb476dc47823e1255eddbdfd84160f33c1d9f757ae4479c5e208b98562daadd08338e1529044a10422d4fdfbb", 0x0, 0x3}, {&(0x7f0000000a40)="ef171a1575e8a58a53f6ed5ef7fb87063c2dcd57184fc6770f655868df7e38900568b21b61bf0c2ecbdc850a71c8e3054d5e27783eff491fa6a473b7c074717daa1859206afdd54c7f85a152b680cc989a03f26d43b3cb82d4a70700d5da15eb2cb1b5b0e87f480fff300d912c65c7ed1db5994e88cc782529e294a07fb8e3fa90a37415a259099a73e340a44c7f9f0b44a4cfc801e0dd3ab95a5591e99f4e15fd586911e5a7ab76aaa1bcbb1238445004f9f5cd599ae278390329cb24f38c7a20d853f6243bf1d8059fbeb9b338e49d8b07dbc0eb9f1f26107a5a4b3dcb060e74a6dde4873a235412", 0x0, 0xd1a}, {&(0x7f0000000b40)="9d7289a56356de462434b68e69a2cb60d1d1c67d2a7084fb6364e5c15297331673382264f15319ee831f61e604be7c2e228fa7356d6fab2415e6666883be9a48352373c5fe88d1d6de1240f6acdf659d6fa68512d268196b4290c67fd0a8f13250033a526a905422ecbb8afc0ece41826e852db776ffb9b7ee1c21e124dd", 0x0, 0x40000000000000}, {&(0x7f0000000bc0)="fae43f74528b955b726318410576e71d00752c3db4f5c2131423f519c0cd1329960f9d6327def782b6fe7b6ff3d4f28072b9e14957a49609954fe3181a0f6e870f0af6ffa7de7ad4c96071a02b33ae44363e1a5fbc6bc4084acb05189a1e0623e37594693586059b4e3ceb6a5389351441218d93c5825959360eda991872ab4348d2d9", 0x0, 0x5}, {&(0x7f0000000c80)="d4ea4ebaa5b667b8c32b51782251e5e1ef72a9dcf3fe1e21672da38c8c95a2bfdcc205f29de54b5e38963d2e86fd8f84106b870dafd09f603285dce2680636a755ae0b1b2c33afde12a15620b1", 0x0, 0x7f}, {&(0x7f00000001c0)="fb6e7b1eaf6ee7c306a738a9c4a6617db219e74391393b9c989abd4ba5c6db5822976d55b1e78c8fd9e215f4988129f68e6cac22", 0x0, 0x4}, {&(0x7f0000000d00)="6260ac1a5ad5c1ea9ebb5e0e1c347e21ca654053b57b4c8f69fbc1e2e9f0fab246f1c87cf9804793f73483554cb97ece2b2719407b193c6fbdedc4931323512deac5541643e5b6f6fe5a4c0f381eec240fb30e0247c72ff43474792bd564501cc9a50c", 0x0, 0x4}, {&(0x7f0000000d80)="c3dac26b1cb6860fc31368ff5a0b1d4d49ef179546e7b66288becf828bac50a5715075470a1ce14bae7cb2b7d1594bcb2f9468568d5efce9156cf83088293ea4b2d564e216be34bf9ab20553dcba79778043e6a4a930fb1262fa7357e395a10af8ec12fb47a51b20d65283975f533c7147a2fe373fc99d9a17bf5001d27bce4750b56abf2842f2b91472ff6d08fed5d87081d5c4fc56dbf3205200d5a1aca3cf5906872d7a367635c9", 0xfffffffffffffdd2, 0x7}, {&(0x7f0000000e40)="6450416c37b97435f69475a137d78c77ca026457752869bdf18234e89d69751b1141d6a3a2e78379989d3b6059b0c249832006763b933360ad7216b912f3aaf31c60245c1306e5dcc638985665931c126bfce1d3dfbf109d978d55448773188040cc6f114f34d0967d4a2372f55a", 0x0, 0x7fff}, {&(0x7f0000000ec0)="ea114d22b7ff52000001f800000000000000"}, {&(0x7f0000000f00)="d0cbe2a441f8b2851e29ad19be1beec0fe0b0c72bcafd6a66bdefad82cd9ff709a48303378937fb5b718612b1b0ee6192c4ad2f3ebba4ff813d571a4ff8df7c8fedd45be1301cf8f38fd0aae3968b8fdce4d44eecf93c90069e41160a08edbb84077b87c1aab61f61f5302dfe84202c480837c67cb719b43bdfdc0f4188337d8562756e9a5e17d1a9674478e887b68c5b3669bfe15c1cd30984aa4cc55f21b5ca8a01bb9b9977f04a38e2ba70d7c2a623441f5b6da9ef3df7b0747d7a3b0ae09013994a27ddd6c262f7bb4e5e6ce8fddf455", 0x0, 0xfff}, {&(0x7f0000001000)="9dd87ea89bd68c86ede07a5bea", 0x0, 0x6f}], 0x0, &(0x7f0000013b00))

04:30:14 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x2000003, 0x10, r0, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ff2000/0x4000)=nil, 0x4000, 0x2000000, 0x50, r0, 0x10000000)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB="2c646566636f6e746578743d73797374656d5f752c736d61636b667366656f6f723dd2403a2d3a403a2424402c00bd5bb5168d7521d3e916bd4e095e0188c65399c47f03980ea05190ad1dba95aa587a63b1f56131ddd8aeb02408e2051743a68a8130267ec6e218d4814233fc9b04cb10a493f7978a38135d849d9ac6e73089c4b17773cdb4010433a1bd"])
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r7, 0x0, 0x0, 0x0, {0x10}, 0x1}, 0x5)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000280)={0x0, 0x2e3b}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000080)=<r9=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
r11 = socket$inet6_udplite(0xa, 0x2, 0x88)
r12 = dup2(r11, r10)
r13 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x0, 0x0)
dup2(r13, r12)
syz_io_uring_submit(r8, r9, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0xfe3b)
r14 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x101880, 0x0)
setsockopt$inet_tcp_TLS_RX(r14, 0x6, 0x2, &(0x7f0000000240)=@gcm_256={{0x303}, "a2dae5dd759c8e7c", "7310bc5cd428f01fe2ec75edf7154bcd5561f57106b6c2b94b061d43bbb60ac8", "d1b4a82a", "bed75168fe748f2d"}, 0x38)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:14 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1, 0x0, 0x0, 0x0)

04:30:14 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:14 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000240))

04:30:14 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5ff, 0x0, 0x0, 0x0)

04:30:14 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1421.458554] FAULT_INJECTION: forcing a failure.
[ 1421.458554] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.460027] CPU: 0 PID: 8961 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1421.460869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1421.461866] Call Trace:
[ 1421.462189]  dump_stack+0x107/0x167
[ 1421.462628]  should_fail.cold+0x5/0xa
[ 1421.463094]  ? create_object.isra.0+0x3a/0xa20
[ 1421.463651]  should_failslab+0x5/0x20
[ 1421.464107]  kmem_cache_alloc+0x5b/0x310
[ 1421.464612]  ? mark_held_locks+0x9e/0xe0
[ 1421.465110]  create_object.isra.0+0x3a/0xa20
[ 1421.465644]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1421.466273]  kmem_cache_alloc_bulk+0x168/0x320
[ 1421.466827]  io_submit_sqes+0x6f76/0x85c0
[ 1421.467335]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1421.467930]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1421.468526]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1421.469130]  ? lock_downgrade+0x6d0/0x6d0
[ 1421.469629]  ? find_held_lock+0x2c/0x110
[ 1421.470119]  ? io_submit_sqes+0x85c0/0x85c0
[ 1421.470649]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1421.471225]  ? wait_for_completion_io+0x270/0x270
[ 1421.471804]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1421.472363]  ? vfs_write+0x354/0xa70
[ 1421.472822]  ? fput_many+0x2f/0x1a0
[ 1421.473264]  ? ksys_write+0x1a9/0x260
[ 1421.473720]  ? __ia32_sys_read+0xb0/0xb0
[ 1421.474207]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1421.474847]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1421.475465]  do_syscall_64+0x33/0x40
[ 1421.475905]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1421.476515] RIP: 0033:0x7fcdd7801b19
[ 1421.476968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1421.479187] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1421.480099] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1421.480992] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1421.481839] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1421.482701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1421.483554] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:30:14 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xffa1, 0x0, 0x0, 0x0)

04:30:14 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0x0, '\x00', [{0x0, 0x5, 0x3, 0x4, 0x8, 0x9}, {0x10001, 0xb4a, 0x8, 0xffffffff, 0x7, 0xff}], ['\x00', '\x00', '\x00', '\x00', '\x00']})
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:14 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)

04:30:14 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:30:14 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5, 0x0, 0x0, 0x0)

04:30:14 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xfff5, 0x0, 0x0, 0x0)

04:30:14 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:14 executing program 1:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'team0\x00', &(0x7f00000001c0)=@ethtool_regs={0x4, 0x1, 0xdd, "1f42f76ebe3a95183bf2e4707ec570c1acc3732a09d376e373084116c872c2454cbdfbdf4bba9cb401deb724e448fb80d94b2f4fec4712b11c30cc16d3f6e34acccb4443ec66579ccd9853d9f222ddfdd72d6ca4e4d2d7b45934f144120df3a4e4b6b224df2ed4967687dc49236b09c5226ffe4a7bd6760b3c56702b6900bd4f49f96e4eceb90d7ed87f89204b653386064cada8720dc91124c4ed326f2e91cb1524ca5a477ba7791786565a434170d752ac51266f9733b2af3a5785c36eda83bd476c9c6059f1d00b9bdd5f33c789a2973788a3293a9e4a63dd65aecd"}})
r2 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r5, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x0)
syz_io_uring_submit(r6, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1421.798680] FAULT_INJECTION: forcing a failure.
[ 1421.798680] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.801457] CPU: 1 PID: 8987 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1421.802944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1421.804751] Call Trace:
[ 1421.805333]  dump_stack+0x107/0x167
[ 1421.806135]  should_fail.cold+0x5/0xa
[ 1421.806972]  ? create_object.isra.0+0x3a/0xa20
[ 1421.807972]  should_failslab+0x5/0x20
[ 1421.808824]  kmem_cache_alloc+0x5b/0x310
[ 1421.809715]  ? mark_held_locks+0x9e/0xe0
[ 1421.810611]  create_object.isra.0+0x3a/0xa20
[ 1421.811569]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1421.812696]  kmem_cache_alloc_bulk+0x168/0x320
[ 1421.813688]  io_submit_sqes+0x6f76/0x85c0
[ 1421.814588]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1421.815657]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1421.816746]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1421.817789]  ? lock_downgrade+0x6d0/0x6d0
[ 1421.818680]  ? find_held_lock+0x2c/0x110
[ 1421.819561]  ? io_submit_sqes+0x85c0/0x85c0
[ 1421.820501]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1421.821563]  ? wait_for_completion_io+0x270/0x270
[ 1421.822610]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1421.823613]  ? vfs_write+0x354/0xa70
[ 1421.824425]  ? fput_many+0x2f/0x1a0
[ 1421.825229]  ? ksys_write+0x1a9/0x260
[ 1421.826057]  ? __ia32_sys_read+0xb0/0xb0
[ 1421.826940]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1421.828071]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1421.829203]  do_syscall_64+0x33/0x40
[ 1421.830118]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1421.831223] RIP: 0033:0x7fcdd7801b19
[ 1421.832026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1421.835933] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1421.837654] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1421.839086] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1421.840512] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1421.841965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1421.843563] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
[ 1421.968969] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 1422.129016] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
04:30:29 executing program 2:
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0xb}, 0x0, 0x4, 0x2, 0x5, 0x8000, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f00000001c0)="201900d07642da921fd6ff11430c6c6b8c0ac5060048065e24ecf3bb8ce311427ac446646b66cda5c391a00fbccd665cde721d7307fdcb6b969016edfcfc7632c1f3819bab23a38c40d2318820e65ef0262cc5dd8b5bc96f21bc84022b67785d6741984f29f705f842bd5a087092", 0x6e, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="b904a86ff26a592022bff76e9500f80a8ab4303485af576223efd11582f4ddaf2a2cb7e1ca1e85570296302c150e6e55d92eb6238e6fb61b6c51b243986fadd34cf182818c2168ccc530bb951b25ae4290195e2cf88e46e94c0699daef56000000000000"])
syz_open_dev$sg(0x0, 0x3, 0x2a0000)
ioctl$BLKSECDISCARD(0xffffffffffffffff, 0x1278, &(0x7f00000001c0))
renameat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x1)

04:30:29 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0)

04:30:29 executing program 6:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r1=>r0, @ANYBLOB="05000000000000002e0100696c653100"])
ioctl$FICLONE(r1, 0x40049409, r0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x9)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, @out_args}, './file1\x00'})
ioctl$TIOCCBRK(r2, 0x5428)
write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:system_dbusd_var_lib_t:s0\x00', 0x2c)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)

04:30:29 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x311100, 0x0)
r1 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r4, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:29 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0x0, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:29 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:30:29 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)

04:30:29 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x400000, 0x0, 0x0, 0x0)

[ 1436.724979] FAULT_INJECTION: forcing a failure.
[ 1436.724979] name failslab, interval 1, probability 0, space 0, times 0
[ 1436.728521] CPU: 0 PID: 9026 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1436.730190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1436.732202] Call Trace:
[ 1436.732855]  dump_stack+0x107/0x167
[ 1436.733751]  should_fail.cold+0x5/0xa
[ 1436.734687]  ? create_object.isra.0+0x3a/0xa20
[ 1436.735808]  should_failslab+0x5/0x20
[ 1436.736736]  kmem_cache_alloc+0x5b/0x310
[ 1436.737748]  ? mark_held_locks+0x9e/0xe0
[ 1436.738749]  create_object.isra.0+0x3a/0xa20
[ 1436.739820]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1436.740997]  kmem_cache_alloc_bulk+0x168/0x320
[ 1436.741960]  io_submit_sqes+0x6f76/0x85c0
[ 1436.742828]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1436.743882]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1436.744926]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1436.745933]  ? lock_downgrade+0x6d0/0x6d0
[ 1436.746793]  ? find_held_lock+0x2c/0x110
[ 1436.747644]  ? io_submit_sqes+0x85c0/0x85c0
[ 1436.748552]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1436.749618]  ? wait_for_completion_io+0x270/0x270
[ 1436.750624]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1436.751589]  ? vfs_write+0x354/0xa70
[ 1436.752377]  ? fput_many+0x2f/0x1a0
[ 1436.753149]  ? ksys_write+0x1a9/0x260
[ 1436.753940]  ? __ia32_sys_read+0xb0/0xb0
[ 1436.754795]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1436.755888]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1436.756988]  do_syscall_64+0x33/0x40
[ 1436.757770]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1436.758836] RIP: 0033:0x7fcdd7801b19
[ 1436.759615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1436.763477] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1436.765075] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1436.766554] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1436.768033] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1436.769520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1436.771000] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
[ 1436.849066] EXT4-fs (loop2): Unrecognized mount option "¹¨oòjY "¿÷n•" or missing value
04:30:29 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0)

04:30:29 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000002000210c000020722a91cfe757e92e00000000b3d951a0dfc556e6c1", @ANYRES32=0x0, @ANYBLOB="0c0011000000000000000000"], 0x28}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYRES32=<r2=>r1, @ANYBLOB="0000f503e7e8034978050300002e0500696c653010000000000000"])
r3 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r3], 0x1}, 0x58)
perf_event_open(&(0x7f0000000440)={0x5, 0x80, 0x4, 0x1, 0x40, 0xff, 0x0, 0x6, 0x80080, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000000), 0xa}, 0x12a04, 0xffffffff, 0x1ff, 0x7, 0x5, 0x6, 0x9, 0x0, 0xfff, 0x0, 0x100}, r3, 0xc, r2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r4)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r5)
keyctl$revoke(0x3, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/snmp6\x00')
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGSERIAL(r6, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/182})
unshare(0x48020200)

04:30:29 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)

[ 1436.915791] EXT4-fs (loop2): Unrecognized mount option "¹¨oòjY "¿÷n•" or missing value
04:30:29 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0)

04:30:29 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:29 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x44000)
r5 = openat(r4, &(0x7f00000001c0)='./file0\x00', 0x4c100, 0x82)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x4000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r7 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r8=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r7], 0x1}, 0x58)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r9}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r8, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r9}}, 0xae8b)
syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x4, 0x0, r5, &(0x7f0000000240)={0x2008}, 0xffffffffffffffff, 0x3, 0x0, 0x0, {0x0, r9}}, 0x9)
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472676e733d66642c7266646e6f3d5a77e8216026611aabf9bb998cb8ecb06e6193a384e0250c666156188f73651aa9fb35e19bdbaa3fe2b55655bda57a7e8a7fd3fbf5ab3cfdf56992223c482a846e3fc770e79402fb25691cda2d1c6b49d5c9e29b26f70c25ead4a6c71865eef854", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB="2c646566636f6e746578743d73797374656d5f752c736d61636b6673666c6f6f723dd2403a2d3a403a2424402c00"])
pipe(&(0x7f00000001c0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r12}, 0x2c, {'wfdno', 0x3d, r13}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
io_uring_register$IORING_REGISTER_EVENTFD(r10, 0x4, &(0x7f0000000200)=r12, 0x1)

04:30:29 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0xe93, 0x1, 0x1})
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x404c008)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x1c, 0x4a, 0xc21, 0x0, 0x0, {0xa, 0x0, 0x2}, [@generic="65eed358f4"]}, 0x1c}}, 0x0)

04:30:30 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

[ 1437.136721] FAULT_INJECTION: forcing a failure.
[ 1437.136721] name failslab, interval 1, probability 0, space 0, times 0
[ 1437.138614] CPU: 0 PID: 9067 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1437.139550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1437.140762] Call Trace:
[ 1437.141162]  dump_stack+0x107/0x167
[ 1437.141697]  should_fail.cold+0x5/0xa
[ 1437.142243]  ? create_object.isra.0+0x3a/0xa20
[ 1437.142904]  should_failslab+0x5/0x20
[ 1437.143453]  kmem_cache_alloc+0x5b/0x310
[ 1437.144063]  ? mark_held_locks+0x9e/0xe0
[ 1437.144662]  create_object.isra.0+0x3a/0xa20
[ 1437.145325]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1437.146074]  kmem_cache_alloc_bulk+0x168/0x320
[ 1437.146751]  io_submit_sqes+0x6f76/0x85c0
[ 1437.147345]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1437.148070]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1437.148803]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1437.149654]  ? lock_downgrade+0x6d0/0x6d0
[ 1437.150261]  ? find_held_lock+0x2c/0x110
[ 1437.150856]  ? io_submit_sqes+0x85c0/0x85c0
[ 1437.151497]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1437.152214]  ? wait_for_completion_io+0x270/0x270
[ 1437.152954]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1437.153635]  ? vfs_write+0x354/0xa70
[ 1437.154185]  ? fput_many+0x2f/0x1a0
[ 1437.154723]  ? ksys_write+0x1a9/0x260
[ 1437.155283]  ? __ia32_sys_read+0xb0/0xb0
[ 1437.155882]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1437.156651]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1437.157408]  do_syscall_64+0x33/0x40
[ 1437.157946]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1437.158676] RIP: 0033:0x7fcdd7801b19
[ 1437.159219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1437.161900] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1437.162973] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1437.163953] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1437.164954] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1437.165939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1437.166913] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:30:44 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:30:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:44 executing program 6:
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101}, 0x4c20, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x4c9c6ddbde36f895, 0x26)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x28, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x14, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743092f"]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

04:30:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000001, 0x0, @perf_config_ext={0x0, 0x403}, 0x44188, 0x40000000, 0x100000, 0x0, 0x0, 0x1, 0x4f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0)

04:30:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1ff, 0x0, 0x0, 0x0)

04:30:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:30:44 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x40}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
readv(r2, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1)
syz_open_procfs(0x0, &(0x7f0000000280)='fd/4\x00')
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000002c0)={<r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x404040, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000400)={r4, 0x0, r5, 0x200, 0x80000})
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x6, 0x20, 0x0, 0x5, 0x0, 0x1, 0x10, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x64bb, 0x4, @perf_bp={&(0x7f0000000180), 0xb}, 0x6307defed897a6f3, 0x10000, 0x4, 0x7, 0x3f, 0x8, 0x2, 0x0, 0x81, 0x0, 0x7}, r1, 0x5, r3, 0xf)
mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x173000, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x100000, &(0x7f0000000440)=ANY=[])
mount$bind(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x17810, 0x0)
umount2(&(0x7f0000000200)='./file0/../file0\x00', 0x0)
unshare(0x48020200)
setxattr$trusted_overlay_opaque(&(0x7f0000000440)='./file1\x00', &(0x7f0000000480), &(0x7f00000014c0), 0x2, 0x0)

[ 1451.288999] FAULT_INJECTION: forcing a failure.
[ 1451.288999] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.291827] CPU: 0 PID: 9093 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1451.293317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1451.295135] Call Trace:
[ 1451.295723]  dump_stack+0x107/0x167
[ 1451.296539]  should_fail.cold+0x5/0xa
[ 1451.297448]  should_failslab+0x5/0x20
[ 1451.298304]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1451.299330]  io_submit_sqes+0x6f76/0x85c0
[ 1451.300263]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1451.301372]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.302475]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.303576]  ? lock_downgrade+0x6d0/0x6d0
[ 1451.304475]  ? find_held_lock+0x2c/0x110
[ 1451.305414]  ? io_submit_sqes+0x85c0/0x85c0
[ 1451.306359]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1451.307412]  ? wait_for_completion_io+0x270/0x270
[ 1451.308453]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1451.309451]  ? vfs_write+0x354/0xa70
[ 1451.310255]  ? fput_many+0x2f/0x1a0
[ 1451.311039]  ? ksys_write+0x1a9/0x260
[ 1451.311847]  ? __ia32_sys_read+0xb0/0xb0
[ 1451.312722]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1451.313862]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1451.314978]  do_syscall_64+0x33/0x40
[ 1451.315768]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1451.316861] RIP: 0033:0x7f4dd0a69b19
[ 1451.317650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1451.321675] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1451.323308] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1451.324833] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1451.324853] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1451.327915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.329442] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1451.342780] FAULT_INJECTION: forcing a failure.
[ 1451.342780] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.345519] CPU: 0 PID: 9091 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1451.346983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1451.348765] Call Trace:
[ 1451.349332]  dump_stack+0x107/0x167
[ 1451.350116]  should_fail.cold+0x5/0xa
[ 1451.350924]  ? create_object.isra.0+0x3a/0xa20
[ 1451.351891]  ? create_object.isra.0+0x3a/0xa20
[ 1451.352864]  should_failslab+0x5/0x20
[ 1451.353680]  kmem_cache_alloc+0x5b/0x310
[ 1451.354564]  create_object.isra.0+0x3a/0xa20
[ 1451.354933] debugfs: Directory '€˜
§°ÇÛ ”uòQÇC	!' with parent 'ieee80211' already present!
[ 1451.355494]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1451.355522]  kmem_cache_alloc_bulk+0x168/0x320
[ 1451.355548]  io_submit_sqes+0x6f76/0x85c0
[ 1451.355577]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1451.361255]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.362312]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.363351]  ? lock_downgrade+0x6d0/0x6d0
[ 1451.364235]  ? find_held_lock+0x2c/0x110
[ 1451.365107]  ? io_submit_sqes+0x85c0/0x85c0
[ 1451.366039]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1451.367073]  ? wait_for_completion_io+0x270/0x270
[ 1451.368093]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1451.369102]  ? vfs_write+0x354/0xa70
[ 1451.369931]  ? fput_many+0x2f/0x1a0
[ 1451.370701]  ? ksys_write+0x1a9/0x260
[ 1451.371529]  ? __ia32_sys_read+0xb0/0xb0
[ 1451.372386]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1451.373517]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1451.374608]  do_syscall_64+0x33/0x40
[ 1451.375386]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1451.376456] RIP: 0033:0x7fcdd7801b19
[ 1451.377256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1451.381132] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1451.382785] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1451.384273] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1451.385771] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1451.387259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.388747] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:30:44 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000004, 0x10, r0, 0x8000000)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
io_uring_enter(0xffffffffffffffff, 0x19f2, 0x730c, 0x2, &(0x7f0000000300)={[0x8]}, 0x8)
r5 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0)=<r6=>0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r5], 0x1}, 0x58)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r7}}, 0x10000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4004, @fd=r6, 0x1, 0x401, 0x8, 0x4, 0x0, {0x2, r7}}, 0xae8b)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r9, @ANYBLOB="2c646566636f6e746578743d737973000000000000000861636b6673666c6f6f723dd2403a2d3a403a2424402c00"])
mknodat$loop(r9, &(0x7f00000002c0)='./file0/file0\x00', 0x2000, 0x1)
syz_io_uring_submit(r4, r2, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd=r0, 0x101, 0x0, 0xa06, 0x2, 0x1, {0x0, r7}}, 0x5c)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00')
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:30:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5ff, 0x0, 0x0, 0x0)

04:30:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x0, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1451.631420] sysfs: cannot create duplicate filename '/class/ieee80211/€˜
§°ÇÛ ”uòQÇC	!'
[ 1451.632939] CPU: 0 PID: 9112 Comm: syz-executor.6 Not tainted 5.10.207 #1
[ 1451.634182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1451.635577] Call Trace:
[ 1451.636031]  dump_stack+0x107/0x167
[ 1451.636673]  sysfs_warn_dup.cold+0x1c/0x29
[ 1451.637386]  sysfs_do_create_link_sd+0x122/0x140
[ 1451.638193]  sysfs_create_link+0x5f/0xc0
[ 1451.638915]  device_add+0x703/0x1c50
[ 1451.639555]  ? devlink_add_symlinks+0x970/0x970
[ 1451.640403]  ? ieee80211_set_bitrate_flags+0x202/0x620
[ 1451.641296]  wiphy_register+0x1da6/0x2850
[ 1451.642020]  ? wiphy_unregister+0xb90/0xb90
[ 1451.642810]  ? ieee80211_init_rate_ctrl_alg+0x121/0x500
[ 1451.643753]  ieee80211_register_hw+0x23c5/0x38b0
[ 1451.644564]  ? ieee80211_ifa6_changed+0x4d0/0x4d0
[ 1451.645434]  ? net_generic+0xdb/0x2b0
[ 1451.646107]  ? lockdep_init_map_type+0x2c7/0x780
[ 1451.646949]  ? memset+0x20/0x50
[ 1451.647513]  ? __hrtimer_init+0x12c/0x270
[ 1451.648243]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1451.649171]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1451.650003]  ? hwsim_new_radio_nl+0x967/0x1080
[ 1451.650763]  ? memcpy+0x39/0x60
04:30:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1ffffff, 0x0, 0x0, 0x0)

[ 1451.651337]  hwsim_new_radio_nl+0x991/0x1080
[ 1451.652606]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1451.653926]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1451.655554]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1451.657166]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1451.658364]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1451.660028]  ? cap_capable+0x1cd/0x230
[ 1451.661091]  ? ns_capable+0xe2/0x110
[ 1451.661990]  genl_rcv_msg+0x33c/0x5a0
[ 1451.662860]  ? genl_get_cmd+0x480/0x480
[ 1451.663736]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1451.664906]  ? lock_release+0x680/0x680
[ 1451.665793]  ? __lockdep_reset_lock+0x180/0x180
[ 1451.666843]  netlink_rcv_skb+0x14b/0x430
[ 1451.667746]  ? genl_get_cmd+0x480/0x480
[ 1451.668636]  ? netlink_ack+0xab0/0xab0
[ 1451.669535]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1451.670544]  ? is_vmalloc_addr+0x7b/0xb0
[ 1451.671459]  genl_rcv+0x24/0x40
[ 1451.672194]  netlink_unicast+0x549/0x7f0
[ 1451.673137]  ? netlink_attachskb+0x870/0x870
[ 1451.674110]  ? __virt_addr_valid+0x128/0x350
[ 1451.675091]  netlink_sendmsg+0x90f/0xdf0
[ 1451.675996]  ? netlink_unicast+0x7f0/0x7f0
[ 1451.676957]  ? netlink_unicast+0x7f0/0x7f0
[ 1451.677910]  __sock_sendmsg+0x154/0x190
[ 1451.678793]  ____sys_sendmsg+0x70d/0x870
[ 1451.679705]  ? sock_write_iter+0x3d0/0x3d0
[ 1451.680652]  ? do_recvmmsg+0x6d0/0x6d0
[ 1451.681535]  ? perf_trace_lock+0xac/0x490
[ 1451.682490]  ? __lockdep_reset_lock+0x180/0x180
[ 1451.683522]  ? __delete_object+0xb3/0x100
[ 1451.684466]  ___sys_sendmsg+0xf3/0x170
[ 1451.685361]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1451.686391]  ? lock_downgrade+0x6d0/0x6d0
[ 1451.687314]  ? __kasan_slab_free+0x122/0x160
[ 1451.688296]  ? futex_exit_release+0x220/0x220
[ 1451.689319]  ? __fget_files+0x296/0x4c0
[ 1451.690219]  ? __fget_light+0xea/0x290
[ 1451.691093]  __sys_sendmsg+0xe5/0x1b0
[ 1451.691942]  ? __sys_sendmsg_sock+0x40/0x40
[ 1451.692903]  ? __do_sys_futex+0x2bb/0x480
[ 1451.693849]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1451.695036]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1451.696253]  do_syscall_64+0x33/0x40
[ 1451.697109]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1451.698253] RIP: 0033:0x7fe9a702ab19
[ 1451.699081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1451.703232] RSP: 002b:00007fe9a457f188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1451.704924] RAX: ffffffffffffffda RBX: 00007fe9a713e020 RCX: 00007fe9a702ab19
[ 1451.706533] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[ 1451.708102] RBP: 00007fe9a7084f6d R08: 0000000000000000 R09: 0000000000000000
[ 1451.709690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1451.711271] R13: 00007fff385642df R14: 00007fe9a457f300 R15: 0000000000022000
04:30:44 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:30:44 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:30:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xffa1, 0x0, 0x0, 0x0)

[ 1451.829040] FAULT_INJECTION: forcing a failure.
[ 1451.829040] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.832099] CPU: 0 PID: 9124 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1451.833535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1451.835253] Call Trace:
[ 1451.835937]  dump_stack+0x107/0x167
[ 1451.836755]  should_fail.cold+0x5/0xa
[ 1451.837582]  ? create_object.isra.0+0x3a/0xa20
[ 1451.838538]  should_failslab+0x5/0x20
[ 1451.839330]  kmem_cache_alloc+0x5b/0x310
[ 1451.840178]  create_object.isra.0+0x3a/0xa20
[ 1451.841134]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1451.842215]  kmem_cache_alloc_bulk+0x168/0x320
[ 1451.843169]  io_submit_sqes+0x6f76/0x85c0
[ 1451.844031]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1451.845126]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.846165]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.847239]  ? lock_downgrade+0x6d0/0x6d0
[ 1451.848093]  ? find_held_lock+0x2c/0x110
[ 1451.848944]  ? io_submit_sqes+0x85c0/0x85c0
[ 1451.849860]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1451.850859]  ? wait_for_completion_io+0x270/0x270
[ 1451.851860]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1451.852819]  ? vfs_write+0x354/0xa70
[ 1451.853602]  ? fput_many+0x2f/0x1a0
[ 1451.854360]  ? ksys_write+0x1a9/0x260
[ 1451.855149]  ? __ia32_sys_read+0xb0/0xb0
[ 1451.855993]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1451.857088]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1451.858160]  do_syscall_64+0x33/0x40
[ 1451.858927]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1451.860041] RIP: 0033:0x7f4dd0a69b19
[ 1451.860815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1451.864684] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1451.866276] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1451.867755] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1451.869255] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1451.870729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.872205] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1451.926960] FAULT_INJECTION: forcing a failure.
[ 1451.926960] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.929789] CPU: 1 PID: 9130 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1451.931180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1451.932859] Call Trace:
[ 1451.933417]  dump_stack+0x107/0x167
[ 1451.934171]  should_fail.cold+0x5/0xa
[ 1451.934953]  ? create_object.isra.0+0x3a/0xa20
[ 1451.935888]  should_failslab+0x5/0x20
[ 1451.936661]  kmem_cache_alloc+0x5b/0x310
[ 1451.937493]  ? mark_held_locks+0x9e/0xe0
[ 1451.938319]  create_object.isra.0+0x3a/0xa20
[ 1451.939215]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1451.940229]  kmem_cache_alloc_bulk+0x168/0x320
[ 1451.941183]  io_submit_sqes+0x6f76/0x85c0
[ 1451.942030]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1451.943036]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.944046]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1451.945077]  ? lock_downgrade+0x6d0/0x6d0
[ 1451.945913]  ? find_held_lock+0x2c/0x110
[ 1451.946742]  ? io_submit_sqes+0x85c0/0x85c0
[ 1451.947634]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1451.948614]  ? wait_for_completion_io+0x270/0x270
[ 1451.949609]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1451.950549]  ? vfs_write+0x354/0xa70
[ 1451.951308]  ? fput_many+0x2f/0x1a0
[ 1451.952046]  ? ksys_write+0x1a9/0x260
[ 1451.952818]  ? __ia32_sys_read+0xb0/0xb0
[ 1451.953660]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1451.954719]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1451.955781]  do_syscall_64+0x33/0x40
[ 1451.956525]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1451.957565] RIP: 0033:0x7fcdd7801b19
[ 1451.958324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1451.962055] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1451.963596] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1451.965035] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1451.966462] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1451.967882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.969319] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:30:44 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5ffffff, 0x0, 0x0, 0x0)

04:30:44 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:30:44 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xfff5, 0x0, 0x0, 0x0)

04:30:45 executing program 6:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e6661", 0xa, 0x5}, {0x0, 0x0, 0x4002}], 0x818c10, &(0x7f0000001500)=ANY=[])
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x7}}, './file1\x00'})

04:30:45 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x31}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ac, 0x0, 0x0, 0x0, 0x0)

04:30:45 executing program 6:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000)='\x00', 0x0)
write(r0, &(0x7f0000000180)="f5", 0x1)
r1 = dup(r0)
sendfile(r1, r1, &(0x7f0000000040), 0x3fffc000000000)
r2 = fsmount(r1, 0x0, 0x77)
write$P9_RREADLINK(r2, &(0x7f0000000080)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)

04:31:01 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xffffffa1, 0x0, 0x0, 0x0)

04:31:01 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:31:01 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x400000, 0x0, 0x0, 0x0)

04:31:01 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:31:01 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000000c0)=0x5)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448ca, &(0x7f0000000080))

04:31:01 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
r6 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r6], 0x1}, 0x58)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0xb1d0, 0x5, 0x0, {0x0, r7}}, 0x10000)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5, 0x0, @fd=r9, 0x7f, 0x0, 0x5c, 0x3, 0x1}, 0xae8b)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:31:01 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:01 executing program 6:
readv(0xffffffffffffffff, &(0x7f0000000780), 0x1000000000000044)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[])
r3 = memfd_create(&(0x7f0000000340)='\x00', 0x0)
fcntl$addseals(r3, 0x409, 0xe)
fallocate(r3, 0x0, 0x0, 0x4)
chdir(&(0x7f0000000040)='./file0\x00')
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0xd}, 0x0, 0x0, 0x0, 0x0, 0x3fffffffffffffff, 0x9b84, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file2\x00')
creat(&(0x7f0000000200)='./file1\x00', 0x2)
creat(&(0x7f0000000100)='./file0\x00', 0x1d)
openat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x509441, 0x18e)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
dup(0xffffffffffffffff)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(r2, &(0x7f0000000280)='./file0\x00', 0x10200, 0x120)

[ 1468.099948] FAULT_INJECTION: forcing a failure.
[ 1468.099948] name failslab, interval 1, probability 0, space 0, times 0
[ 1468.102422] CPU: 1 PID: 9173 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1468.103844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1468.105571] Call Trace:
[ 1468.106126]  dump_stack+0x107/0x167
[ 1468.106893]  should_fail.cold+0x5/0xa
[ 1468.107688]  ? create_object.isra.0+0x3a/0xa20
[ 1468.108643]  should_failslab+0x5/0x20
[ 1468.109462]  kmem_cache_alloc+0x5b/0x310
[ 1468.110313]  ? mark_held_locks+0x9e/0xe0
[ 1468.111169]  create_object.isra.0+0x3a/0xa20
[ 1468.112095]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1468.113171]  kmem_cache_alloc_bulk+0x168/0x320
[ 1468.114163]  io_submit_sqes+0x6f76/0x85c0
[ 1468.115042]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1468.116100]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.117148]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.118207]  ? lock_downgrade+0x6d0/0x6d0
[ 1468.119080]  ? find_held_lock+0x2c/0x110
[ 1468.119944]  ? io_submit_sqes+0x85c0/0x85c0
[ 1468.120865]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1468.121901]  ? wait_for_completion_io+0x270/0x270
[ 1468.122905]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1468.123872]  ? vfs_write+0x354/0xa70
[ 1468.124650]  ? fput_many+0x2f/0x1a0
[ 1468.125415]  ? ksys_write+0x1a9/0x260
[ 1468.126207]  ? __ia32_sys_read+0xb0/0xb0
[ 1468.127057]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1468.128143]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1468.129227]  do_syscall_64+0x33/0x40
[ 1468.130002]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1468.131062] RIP: 0033:0x7f4dd0a69b19
[ 1468.131839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1468.135667] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1468.137258] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1468.138737] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1468.140216] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1468.141702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1468.143215] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
04:31:01 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0)

[ 1468.157786] FAULT_INJECTION: forcing a failure.
[ 1468.157786] name failslab, interval 1, probability 0, space 0, times 0
[ 1468.159262] CPU: 0 PID: 9187 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1468.160071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1468.161059] Call Trace:
[ 1468.161387]  dump_stack+0x107/0x167
[ 1468.161828]  should_fail.cold+0x5/0xa
[ 1468.162292]  ? create_object.isra.0+0x3a/0xa20
[ 1468.162844]  should_failslab+0x5/0x20
[ 1468.163297]  kmem_cache_alloc+0x5b/0x310
[ 1468.163782]  ? mark_held_locks+0x9e/0xe0
[ 1468.164268]  create_object.isra.0+0x3a/0xa20
[ 1468.164795]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1468.165429]  kmem_cache_alloc_bulk+0x168/0x320
[ 1468.165984]  io_submit_sqes+0x6f76/0x85c0
[ 1468.166476]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1468.167062]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.167673]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.168241]  ? lock_downgrade+0x6d0/0x6d0
[ 1468.168738]  ? find_held_lock+0x2c/0x110
[ 1468.169241]  ? io_submit_sqes+0x85c0/0x85c0
[ 1468.169762]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1468.170382]  ? wait_for_completion_io+0x270/0x270
[ 1468.170973]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1468.171566]  ? vfs_write+0x354/0xa70
[ 1468.172040]  ? fput_many+0x2f/0x1a0
[ 1468.172482]  ? ksys_write+0x1a9/0x260
[ 1468.172966]  ? __ia32_sys_read+0xb0/0xb0
[ 1468.173486]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1468.174157]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1468.174816]  do_syscall_64+0x33/0x40
[ 1468.175278]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1468.175929] RIP: 0033:0x7fcdd7801b19
[ 1468.176400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1468.178756] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1468.179712] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1468.180612] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1468.181515] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1468.182343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1468.183222] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:31:01 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10810, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r0, {0x4007f}}, './file1\x00'})
openat2(r3, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0xc04, 0x46, 0x4}, 0x18)
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000600)={0x0, 0x0, 0xfffffffb})

04:31:01 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:01 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x0, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

[ 1468.356010] FAULT_INJECTION: forcing a failure.
[ 1468.356010] name failslab, interval 1, probability 0, space 0, times 0
[ 1468.358800] CPU: 1 PID: 9209 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1468.360292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1468.362132] Call Trace:
[ 1468.362704]  dump_stack+0x107/0x167
[ 1468.363501]  should_fail.cold+0x5/0xa
[ 1468.364339]  should_failslab+0x5/0x20
[ 1468.365173]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1468.366151]  io_submit_sqes+0x6f76/0x85c0
[ 1468.367100]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.368187]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1468.369290]  ? lock_downgrade+0x6d0/0x6d0
[ 1468.370178]  ? find_held_lock+0x2c/0x110
[ 1468.371085]  ? io_submit_sqes+0x85c0/0x85c0
[ 1468.372018]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1468.373055]  ? wait_for_completion_io+0x270/0x270
[ 1468.374100]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1468.375096]  ? vfs_write+0x354/0xa70
[ 1468.375901]  ? fput_many+0x2f/0x1a0
[ 1468.376681]  ? ksys_write+0x1a9/0x260
[ 1468.377507]  ? __ia32_sys_read+0xb0/0xb0
[ 1468.378383]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1468.379504]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1468.380619]  do_syscall_64+0x33/0x40
[ 1468.381432]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1468.382525] RIP: 0033:0x7fcdd7801b19
[ 1468.383306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1468.387251] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1468.388903] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1468.390478] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1468.392039] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1468.393595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1468.395160] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:31:15 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:15 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:31:15 executing program 6:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x74)
close_range(r0, 0xffffffffffffffff, 0x0)
write$selinux_attr(0xffffffffffffffff, &(0x7f00000000c0)='system_u:object_r:hald_keymap_exec_t:s0\x00', 0x28)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000040)={0x0, 0x80})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000760608580fb9900100000008000300b87a02935e1c841d2d450b4d331e3486dc46909977b382b098b1fd6f1aa3148814bdba34c5ecf58e74fffd1164339af2592b881be86c18dfd261359d29d13cf1525951d310bf3e203c6f917417d2c7b5fef45363fc26700203404937ceb7c6", @ANYRES32=r3, @ANYBLOB="0000a006de33128e"], 0x24}}, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000380), 0x8, 0x800)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)={[{@delalloc}]})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200), 0x3)

04:31:15 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0)

04:31:15 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xfffffff5, 0x0, 0x0, 0x0)

04:31:15 executing program 2:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f0000000040)=0xe8)
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r1=>0x0}, &(0x7f0000000200)=0x14)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', <r4=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000040)=0x3f, 0x4)
bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x1d0, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'ipvlan1\x00'})
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000002c0)={0x0, 0x0, 0xffffff95})

04:31:15 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:31:15 executing program 1:
r0 = syz_io_uring_setup(0x315f, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1482.598772] FAULT_INJECTION: forcing a failure.
[ 1482.598772] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1482.601768] CPU: 0 PID: 9227 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1482.603178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1482.604874] Call Trace:
[ 1482.605430]  dump_stack+0x107/0x167
[ 1482.606189]  should_fail.cold+0x5/0xa
[ 1482.606980]  __alloc_pages_nodemask+0x182/0x600
[ 1482.607942]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 1482.609202]  alloc_pages_current+0x187/0x280
[ 1482.610132]  allocate_slab+0x26f/0x380
[ 1482.610947]  ___slab_alloc+0x470/0x700
[ 1482.611765]  ? io_submit_sqes+0x6f76/0x85c0
[ 1482.612683]  ? kmem_cache_alloc_bulk+0x1ec/0x320
[ 1482.613687]  kmem_cache_alloc_bulk+0x1ec/0x320
[ 1482.614638]  io_submit_sqes+0x6f76/0x85c0
[ 1482.615530]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1482.616562]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1482.617571]  ? lock_downgrade+0x6d0/0x6d0
[ 1482.618428]  ? find_held_lock+0x2c/0x110
[ 1482.619275]  ? io_submit_sqes+0x85c0/0x85c0
[ 1482.620184]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1482.621189]  ? wait_for_completion_io+0x270/0x270
[ 1482.622195]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1482.623158]  ? vfs_write+0x354/0xa70
[ 1482.623933]  ? fput_many+0x2f/0x1a0
[ 1482.624691]  ? ksys_write+0x1a9/0x260
[ 1482.625498]  ? __ia32_sys_read+0xb0/0xb0
[ 1482.625678] ata1.00: invalid service action 31
[ 1482.626341]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1482.626359]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1482.626389]  do_syscall_64+0x33/0x40
[ 1482.626407]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1482.626419] RIP: 0033:0x7fcdd7801b19
[ 1482.632143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1482.635942] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1482.637515] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1482.638980] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1482.640443] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1482.641909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1482.643379] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
[ 1482.663663] FAULT_INJECTION: forcing a failure.
[ 1482.663663] name failslab, interval 1, probability 0, space 0, times 0
[ 1482.666448] CPU: 0 PID: 9239 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1482.667862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1482.669581] Call Trace:
[ 1482.670128]  dump_stack+0x107/0x167
[ 1482.670885]  should_fail.cold+0x5/0xa
[ 1482.671674]  ? create_object.isra.0+0x3a/0xa20
[ 1482.672621]  should_failslab+0x5/0x20
[ 1482.673426]  kmem_cache_alloc+0x5b/0x310
[ 1482.674264]  ? mark_held_locks+0x9e/0xe0
[ 1482.675109]  create_object.isra.0+0x3a/0xa20
[ 1482.676018]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1482.677087]  kmem_cache_alloc_bulk+0x168/0x320
[ 1482.678045]  io_submit_sqes+0x6f76/0x85c0
[ 1482.678913]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1482.679934]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1482.680968]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1482.681987]  ? lock_downgrade+0x6d0/0x6d0
[ 1482.682842]  ? find_held_lock+0x2c/0x110
[ 1482.683700]  ? io_submit_sqes+0x85c0/0x85c0
[ 1482.684601]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1482.685632]  ? wait_for_completion_io+0x270/0x270
[ 1482.686631]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1482.687598]  ? vfs_write+0x354/0xa70
[ 1482.688371]  ? fput_many+0x2f/0x1a0
[ 1482.689133]  ? ksys_write+0x1a9/0x260
[ 1482.689935]  ? __ia32_sys_read+0xb0/0xb0
[ 1482.690784]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1482.691872]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1482.692948]  do_syscall_64+0x33/0x40
[ 1482.693736]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1482.694796] RIP: 0033:0x7f4dd0a69b19
[ 1482.695571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1482.699387] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1482.700968] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1482.702456] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1482.703930] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1482.705409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1482.706888] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1482.814240] ata1.00: non-matching transfer count (9216/0)
04:31:15 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:31:15 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
openat(r3, &(0x7f0000000040)='./file0\x00', 0x6081, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:31:15 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xa1ffffff, 0x0, 0x0, 0x0)

[ 1482.899920] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,,errors=continue
04:31:15 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>r0, {0x80000001}}, './file0\x00'})
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x5, 0x9, 0x2f, 0x7f, 0x0, 0x1000, 0x1, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x2400, 0x80000000, 0x8000, 0x2, 0x1000, 0x56c, 0x6, 0x0, 0x5f, 0x0, 0x3}, 0x0, 0x0, r1, 0x2)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x28, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x8, 0x1a, 0x0, 0x0, @fd=r2}]}, 0x28}}, 0x0)

[ 1482.943944] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'.
04:31:15 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:15 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xffffffff, 0x0, 0x0, 0x0)

04:31:15 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:31:15 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xf5ffffff, 0x0, 0x0, 0x0)

[ 1483.052873] FAULT_INJECTION: forcing a failure.
[ 1483.052873] name failslab, interval 1, probability 0, space 0, times 0
[ 1483.055667] CPU: 0 PID: 9271 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1483.057093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1483.058817] Call Trace:
[ 1483.059370]  dump_stack+0x107/0x167
[ 1483.060134]  should_fail.cold+0x5/0xa
[ 1483.060937]  ? create_object.isra.0+0x3a/0xa20
[ 1483.061918]  should_failslab+0x5/0x20
[ 1483.062706]  kmem_cache_alloc+0x5b/0x310
[ 1483.063546]  ? mark_held_locks+0x9e/0xe0
[ 1483.064390]  create_object.isra.0+0x3a/0xa20
[ 1483.065301]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1483.066383]  kmem_cache_alloc_bulk+0x168/0x320
[ 1483.067335]  io_submit_sqes+0x6f76/0x85c0
[ 1483.068200]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1483.069224]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1483.070269]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1483.071275]  ? lock_downgrade+0x6d0/0x6d0
[ 1483.072136]  ? find_held_lock+0x2c/0x110
[ 1483.072991]  ? io_submit_sqes+0x85c0/0x85c0
[ 1483.073928]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1483.074934]  ? wait_for_completion_io+0x270/0x270
[ 1483.075947]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1483.076909]  ? vfs_write+0x354/0xa70
[ 1483.077698]  ? fput_many+0x2f/0x1a0
[ 1483.078456]  ? ksys_write+0x1a9/0x260
[ 1483.079247]  ? __ia32_sys_read+0xb0/0xb0
[ 1483.080096]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1483.081178]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1483.082276]  do_syscall_64+0x33/0x40
[ 1483.082567] FAULT_INJECTION: forcing a failure.
[ 1483.082567] name failslab, interval 1, probability 0, space 0, times 0
[ 1483.083053]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1483.083066] RIP: 0033:0x7f4dd0a69b19
[ 1483.083086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1483.083096] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1483.083125] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1483.093550] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1483.095030] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1483.096533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1483.098027] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1483.099542] CPU: 1 PID: 9268 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1483.100623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1483.101910] Call Trace:
[ 1483.102316]  dump_stack+0x107/0x167
[ 1483.102906]  should_fail.cold+0x5/0xa
[ 1483.103493]  ? create_object.isra.0+0x3a/0xa20
[ 1483.104201]  should_failslab+0x5/0x20
[ 1483.104790]  kmem_cache_alloc+0x5b/0x310
[ 1483.105424]  ? find_held_lock+0x2c/0x110
[ 1483.106049]  create_object.isra.0+0x3a/0xa20
[ 1483.106729]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1483.107509]  __kmalloc_node+0x1ae/0x420
[ 1483.108137]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1483.108912]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1483.109702]  kmem_cache_alloc_bulk+0x182/0x320
[ 1483.110406]  io_submit_sqes+0x6f76/0x85c0
[ 1483.111074]  ? __mutex_lock+0x4fe/0x10b0
[ 1483.111699]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1483.112460]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1483.113210]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 1483.113915]  ? _raw_spin_unlock_irq+0x27/0x30
[ 1483.114595]  ? io_submit_sqes+0x85c0/0x85c0
[ 1483.115256]  ? finish_task_switch+0x126/0x5d0
[ 1483.115937]  ? finish_task_switch+0xef/0x5d0
[ 1483.116613]  ? __switch_to+0x572/0xf70
[ 1483.117198]  ? __switch_to_asm+0x3a/0x60
[ 1483.117828]  ? __switch_to_asm+0x34/0x60
[ 1483.118457]  ? __schedule+0x82c/0x1ea0
[ 1483.119070]  ? io_schedule_timeout+0x140/0x140
[ 1483.119765]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 1483.120471]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 1483.121297]  ? ksys_write+0x1a9/0x260
[ 1483.121886]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1483.122682]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1483.123471]  do_syscall_64+0x33/0x40
[ 1483.124041]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1483.124820] RIP: 0033:0x7fcdd7801b19
[ 1483.125404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1483.128165] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1483.129324] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1483.130402] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1483.131484] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1483.132548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1483.133626] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:31:16 executing program 1:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x100810, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, r3, &(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x800, 0x100}, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
fsetxattr$trusted_overlay_upper(r6, &(0x7f0000000300), &(0x7f0000000340)=ANY=[@ANYBLOB="00fb050407c84702bb66b6351cd9302f318c79dca9f020834f33d5c527503e0ffb97dd73d10a5b5d37b9f7939b45b4d41352d8c7590d6764a6af0bc245aa9f4ad0c7622fee4bcc8d1cb21435b248c842070bb39179462850bab30354252e1d4b0aa49bf41079b470e726707c6284c41b6fc17e438d90d288d1443607583eeb655e6a17a59fdf76805f2c0f531c075b754f9c6b153c20f4c09ea41cc19da888c3141358cab3bb052145503f4397c812dbb1659a8ef99e5d14fe08b66b26bd8bbd5226626d7c904cb8e932326ed0d94c2d8cc90edce2fb51e664c3c9fc04198f0845e6a7b6e4c114b0a6f82b3320948c8b3ade3281539b4e72704c5f788e980ff9cc9c42f476"], 0x105, 0x2)

04:31:16 executing program 6:
r0 = gettid()
r1 = socket$unix(0x1, 0x1, 0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
r2 = syz_open_dev$mouse(&(0x7f0000000000), 0x2, 0x101002)
fcntl$getownex(r2, 0x10, &(0x7f00000009c0))
kcmp(r0, r0, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)

04:31:30 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:30 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xc)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
r3 = openat(r2, &(0x7f0000000040)='./file0\x00', 0x200000, 0xb)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0x4000007ffffffc)
ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r3, 0xf505, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
copy_file_range(r0, 0x0, r3, 0x0, 0x0, 0x0)

04:31:30 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xa1, 0x0, 0x0)

04:31:30 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xffffffa1, 0x0, 0x0, 0x0)

04:31:30 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x0, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:31:30 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:31:30 executing program 6:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1433, &(0x7f0000001680)={0x0, 0x2000000, 0x0, 0xffffffff, 0x8100}, &(0x7f0000feb000/0xb000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000001300))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2)
fork()

04:31:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000440)={0x0, 0xffffffffffffff79, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="2d000000a4219940590c271cf440d654357222b041efe0cbda29f4aaaed8585f8e1a574f57fb50b0b9ac98698b8d74784e1e3ba3f10d5f38a4bdf11ca2485a8e60d8e8fc6b6ac725bfdaa3a8bd225004bb7e69d977c87111c88d7c5e8f90b75f22b69efb906b5141bb77ab0077c99c57a5fddcf5fcea8570eca73edac7bb76e39784be6f66be9fc52aa60ea57375465fe2169c032e29779adb9a9f3e4bdeea00f833938f292f1ec012d3b80e49f8a4a00715ff018b1b10ebe4eda7ede3dd3f029b535748ddff726ea6821b427b3ed062fab3f2ea8b08d239a7c5e3509b060cdfe6eb3e94e4fc5e5699108bbe8863cbbd5677862c37c9bdf262ee13e891d2945106fdf9be0e943c0791ccd77e83477e0100010000000000ffd78cdcc29bbd564bb1f14931d0c184b4dd5d0886e14360d2fd01b5d133454aa2e19e6cfd647072ff43610cd8e4cf9b9a9ad41c5a12eb5820e194c6d47685f05c7ebcfdde569fe7fd7b44824977c98fdfb8ca132544809c2f89abf92c992f1ff14c72a8ea73f8d8b59e1b440239a2155d131e3b199f9104edd47ea6c8ac462a6f092cea920bc82bdce9c6d015b0", @ANYRES16=r1, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r3, @ANYBLOB="10005a80"], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000840}, 0x10040001)
r4 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r7, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r4, 0x0)
syz_io_uring_submit(r8, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r4, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r9 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x1000000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f0000000400)=""/129, 0x81, &(0x7f0000000680)=""/4096, &(0x7f0000000240)=[r9], 0x1}, 0x58)
perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x1f, 0x7, 0x2d, 0x5c, 0x0, 0xfffffffffffffff7, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7, 0x2, @perf_bp={&(0x7f00000002c0), 0xa}, 0x480, 0x7, 0x80000001, 0x6, 0x0, 0x5, 0xfc00, 0x0, 0x7fffffff, 0x0, 0x10001}, r9, 0xe, r7, 0xa)

[ 1497.893962] FAULT_INJECTION: forcing a failure.
[ 1497.893962] name failslab, interval 1, probability 0, space 0, times 0
[ 1497.896445] CPU: 1 PID: 9306 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1497.897883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1497.899564] Call Trace:
[ 1497.900103]  dump_stack+0x107/0x167
[ 1497.900861]  should_fail.cold+0x5/0xa
[ 1497.901694]  ? create_object.isra.0+0x3a/0xa20
[ 1497.902635]  should_failslab+0x5/0x20
[ 1497.903428]  kmem_cache_alloc+0x5b/0x310
[ 1497.903582] FAULT_INJECTION: forcing a failure.
[ 1497.903582] name failslab, interval 1, probability 0, space 0, times 0
[ 1497.904248]  ? mark_held_locks+0x9e/0xe0
[ 1497.904273]  create_object.isra.0+0x3a/0xa20
[ 1497.904294]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1497.904321]  kmem_cache_alloc_bulk+0x168/0x320
[ 1497.904348]  io_submit_sqes+0x6f76/0x85c0
[ 1497.904372]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1497.904428]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1497.913101]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1497.914090]  ? lock_downgrade+0x6d0/0x6d0
[ 1497.914929]  ? find_held_lock+0x2c/0x110
[ 1497.915759]  ? io_submit_sqes+0x85c0/0x85c0
[ 1497.916645]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1497.917635]  ? wait_for_completion_io+0x270/0x270
[ 1497.918618]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1497.919560]  ? vfs_write+0x354/0xa70
[ 1497.920320]  ? fput_many+0x2f/0x1a0
[ 1497.921059]  ? ksys_write+0x1a9/0x260
[ 1497.921847]  ? __ia32_sys_read+0xb0/0xb0
[ 1497.922677]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1497.923737]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1497.924788]  do_syscall_64+0x33/0x40
[ 1497.925551]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1497.926591] RIP: 0033:0x7f4dd0a69b19
[ 1497.927344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1497.931066] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1497.932605] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1497.934048] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1497.935486] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1497.936926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1497.938376] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1497.939848] CPU: 0 PID: 9311 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1497.941276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1497.943002] Call Trace:
[ 1497.943552]  dump_stack+0x107/0x167
[ 1497.944312]  should_fail.cold+0x5/0xa
[ 1497.945115]  ? create_object.isra.0+0x3a/0xa20
[ 1497.946083]  should_failslab+0x5/0x20
[ 1497.946877]  kmem_cache_alloc+0x5b/0x310
[ 1497.947720]  ? mark_held_locks+0x9e/0xe0
[ 1497.948580]  create_object.isra.0+0x3a/0xa20
[ 1497.949492]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1497.950573]  kmem_cache_alloc_bulk+0x168/0x320
[ 1497.951555]  io_submit_sqes+0x6f76/0x85c0
[ 1497.952462]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1497.953510]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1497.954536]  ? lock_downgrade+0x6d0/0x6d0
[ 1497.955405]  ? find_held_lock+0x2c/0x110
[ 1497.956259]  ? io_submit_sqes+0x85c0/0x85c0
[ 1497.957162]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1497.958178]  ? wait_for_completion_io+0x270/0x270
[ 1497.959177]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1497.960142]  ? vfs_write+0x354/0xa70
[ 1497.960928]  ? fput_many+0x2f/0x1a0
[ 1497.961709]  ? ksys_write+0x1a9/0x260
[ 1497.962498]  ? __ia32_sys_read+0xb0/0xb0
[ 1497.963454]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1497.964550]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1497.965647]  do_syscall_64+0x33/0x40
[ 1497.966430]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1497.967536] RIP: 0033:0x7fcdd7801b19
[ 1497.968310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1497.972144] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1497.973785] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1497.975256] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1497.976741] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1497.978207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1497.979668] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
04:31:31 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0xf5, 0x0, 0x0)

04:31:31 executing program 4:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)

04:31:31 executing program 3:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0xfffffff5, 0x0, 0x0, 0x0)

04:31:31 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

04:31:31 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0xa0)
syz_mount_image$vfat(0x0, 0x0, 0x9, 0x0, &(0x7f0000000300), 0x180008c, &(0x7f0000000340)=ANY=[@ANYBLOB="657466383d312c66736d616769633d30783030303030302c6d4f49737572652c7365e98cbb365c2e04883683ae57636c6162656c2c6f626a5f747970653d00"])
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000000c0))
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
openat(r6, &(0x7f0000000140)='./file1\x00', 0x200080, 0x240)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\xd2@:-:@:$$@'}}]}})
dup(r4)

04:31:31 executing program 7:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0)

[ 1498.330819] FAULT_INJECTION: forcing a failure.
[ 1498.330819] name failslab, interval 1, probability 0, space 0, times 0
[ 1498.333705] CPU: 0 PID: 9339 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1498.335367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1498.337380] Call Trace:
[ 1498.337959]  dump_stack+0x107/0x167
[ 1498.338760]  should_fail.cold+0x5/0xa
[ 1498.339610]  ? create_object.isra.0+0x3a/0xa20
[ 1498.340597]  should_failslab+0x5/0x20
[ 1498.341402]  kmem_cache_alloc+0x5b/0x310
[ 1498.342550]  ? mark_held_locks+0x9e/0xe0
[ 1498.343570]  create_object.isra.0+0x3a/0xa20
[ 1498.344657]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1498.345957]  kmem_cache_alloc_bulk+0x168/0x320
[ 1498.347209]  io_submit_sqes+0x6f76/0x85c0
[ 1498.348248]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1498.349483]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.350747]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.351959]  ? lock_downgrade+0x6d0/0x6d0
[ 1498.352995]  ? find_held_lock+0x2c/0x110
[ 1498.354033]  ? io_submit_sqes+0x85c0/0x85c0
[ 1498.355123]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1498.356320]  ? wait_for_completion_io+0x270/0x270
[ 1498.357518]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1498.358563]  ? vfs_write+0x354/0xa70
[ 1498.359366]  ? fput_many+0x2f/0x1a0
[ 1498.360155]  ? ksys_write+0x1a9/0x260
[ 1498.360975]  ? __ia32_sys_read+0xb0/0xb0
[ 1498.361847]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1498.362959]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1498.364062]  do_syscall_64+0x33/0x40
[ 1498.364924]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1498.366074] RIP: 0033:0x7f4dd0a69b19
[ 1498.366874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1498.370844] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1498.372475] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1498.374002] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1498.375548] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1498.377077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1498.378621] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
04:31:31 executing program 5:
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x40800, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000002c0)=0x8000)

04:31:31 executing program 0:
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ftruncate(r3, 0x1000000)
r5 = dup2(r3, r4)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)
syz_io_uring_setup(0x2382, &(0x7f00000001c0)={0x0, 0xc631, 0x8, 0x2, 0x2ca, 0x0, r5}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))

[ 1498.567793] FAULT_INJECTION: forcing a failure.
[ 1498.567793] name failslab, interval 1, probability 0, space 0, times 0
[ 1498.570303] CPU: 0 PID: 9350 Comm: syz-executor.5 Not tainted 5.10.207 #1
[ 1498.571706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1498.573430] Call Trace:
[ 1498.574035]  dump_stack+0x107/0x167
[ 1498.574807]  should_fail.cold+0x5/0xa
[ 1498.575605]  ? create_object.isra.0+0x3a/0xa20
[ 1498.576551]  should_failslab+0x5/0x20
[ 1498.577355]  kmem_cache_alloc+0x5b/0x310
[ 1498.578249]  ? mark_held_locks+0x9e/0xe0
[ 1498.579101]  create_object.isra.0+0x3a/0xa20
[ 1498.580019]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1498.581086]  kmem_cache_alloc_bulk+0x168/0x320
[ 1498.582065]  io_submit_sqes+0x6f76/0x85c0
[ 1498.582968]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.584012]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.585028]  ? lock_downgrade+0x6d0/0x6d0
[ 1498.585905]  ? find_held_lock+0x2c/0x110
[ 1498.586778]  ? io_submit_sqes+0x85c0/0x85c0
[ 1498.587707]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1498.588751]  ? wait_for_completion_io+0x270/0x270
[ 1498.589795]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1498.590785]  ? vfs_write+0x354/0xa70
[ 1498.591581]  ? fput_many+0x2f/0x1a0
[ 1498.592362]  ? ksys_write+0x1a9/0x260
[ 1498.593162]  ? __ia32_sys_read+0xb0/0xb0
[ 1498.594038]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1498.595135]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1498.596248]  do_syscall_64+0x33/0x40
[ 1498.597018]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1498.598136] RIP: 0033:0x7fcdd7801b19
[ 1498.598943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1498.602855] RSP: 002b:00007fcdd4d77188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1498.604492] RAX: ffffffffffffffda RBX: 00007fcdd7914f60 RCX: 00007fcdd7801b19
[ 1498.606001] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1498.607526] RBP: 00007fcdd4d771d0 R08: 0000000000000000 R09: 0000000000000000
[ 1498.609047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1498.610565] R13: 00007ffc6a434abf R14: 00007fcdd4d77300 R15: 0000000000022000
[ 1498.643513] FAULT_INJECTION: forcing a failure.
[ 1498.643513] name failslab, interval 1, probability 0, space 0, times 0
[ 1498.646139] CPU: 0 PID: 9353 Comm: syz-executor.0 Not tainted 5.10.207 #1
[ 1498.647600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1498.649376] Call Trace:
[ 1498.649969]  dump_stack+0x107/0x167
[ 1498.650764]  should_fail.cold+0x5/0xa
[ 1498.651599]  ? create_object.isra.0+0x3a/0xa20
[ 1498.652583]  should_failslab+0x5/0x20
[ 1498.653426]  kmem_cache_alloc+0x5b/0x310
[ 1498.654304]  ? mark_held_locks+0x9e/0xe0
[ 1498.655179]  create_object.isra.0+0x3a/0xa20
[ 1498.656130]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1498.657230]  kmem_cache_alloc_bulk+0x168/0x320
[ 1498.658234]  io_submit_sqes+0x6f76/0x85c0
[ 1498.659126]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1498.660167]  ? __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.661231]  __do_sys_io_uring_enter+0x6b5/0x1920
[ 1498.662280]  ? lock_downgrade+0x6d0/0x6d0
[ 1498.663181]  ? find_held_lock+0x2c/0x110
[ 1498.664051]  ? io_submit_sqes+0x85c0/0x85c0
[ 1498.664981]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1498.666008]  ? wait_for_completion_io+0x270/0x270
[ 1498.667044]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1498.668013]  ? vfs_write+0x354/0xa70
[ 1498.668822]  ? fput_many+0x2f/0x1a0
[ 1498.669597]  ? ksys_write+0x1a9/0x260
[ 1498.670417]  ? __ia32_sys_read+0xb0/0xb0
[ 1498.671267]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1498.672344]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1498.673462]  do_syscall_64+0x33/0x40
[ 1498.674261]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1498.675346] RIP: 0033:0x7f4dd0a69b19
[ 1498.676112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1498.680043] RSP: 002b:00007f4dcdfdf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1498.681709] RAX: ffffffffffffffda RBX: 00007f4dd0b7cf60 RCX: 00007f4dd0a69b19
[ 1498.683224] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 1498.684736] RBP: 00007f4dcdfdf1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1498.686279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1498.687811] R13: 00007fffd4ee012f R14: 00007f4dcdfdf300 R15: 0000000000022000
[ 1498.742616] netlink: 2861 bytes leftover after parsing attributes in process `syz-executor.2'.

VM DIAGNOSIS:
04:36:37  Registers:
info registers vcpu 0
RAX=ffffffff83e5f470 RBX=0000000000000000 RCX=ffffffff83e4752c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e5fa78 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85672788 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e5f47e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0f00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff4dce27010 CR3=000000000e0c0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=006c02fe016c6c6f502e726567616e61
XMM02=00000000000000004100144000000000 XMM03=0000060606060605011276a6fdb89d19
XMM04=000000c00017a0c0000000c00017a090 XMM05=000000c00017a120000000c00017a0f0
XMM06=000000c0000554d0000000c00017a150 XMM07=000000c0001798c0000000c00017a180
XMM08=000000c00017a4e0000000c00017a4b0 XMM09=000000c000055530000000c00017a510
XMM10=000000c00017a570000000c00017a540 XMM11=000000c00017a5d0000000c00017a5a0
XMM12=000000c00017a630000000c00017a600 XMM13=000000c00017a690000000c00017a660
XMM14=000000c00017a6f0000000c00017a6c0 XMM15=000000c00017e160000000c000055560
info registers vcpu 1
RAX=ffffffff83e5f470 RBX=0000000000000001 RCX=ffffffff83e4752c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e5fa78 RBP=ffffed100112f000 RSP=ffff888008987e70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85672788 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e5f47e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe5000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055917cbd1678 CR3=000000000e0c0000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004184754400000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000