, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x12348, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x16f869f2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 9)

11:17:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x20fef000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 2910.705617] FAULT_INJECTION: forcing a failure.
[ 2910.705617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2910.707522] CPU: 1 PID: 69952 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2910.708620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2910.709974] Call Trace:
[ 2910.710424]  dump_stack+0x107/0x167
[ 2910.711039]  should_fail.cold+0x5/0xa
[ 2910.711686]  strncpy_from_user+0x34/0x470
[ 2910.712337]  getname_flags.part.0+0x95/0x4f0
[ 2910.713051]  ? _copy_from_user+0xfb/0x1b0
[ 2910.713684]  user_path_at_empty+0xa1/0x100
[ 2910.714372]  __x64_sys_mount+0x1e9/0x300
[ 2910.714994]  ? copy_mnt_ns+0xa00/0xa00
[ 2910.715628]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2910.716431]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2910.717265]  do_syscall_64+0x33/0x40
[ 2910.717831]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2910.718663] RIP: 0033:0x7f01450cdb19
[ 2910.719221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2910.722200] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2910.723408] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2910.724565] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2910.725725] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2910.726877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2910.728020] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:17:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x7fffdf010000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 2910.741987] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=69935 comm=syz-executor.0
11:17:01 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x12349, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 10)

11:17:01 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x10002011})

11:17:01 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x16f869f2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x7ffffffff000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 2910.959872] FAULT_INJECTION: forcing a failure.
[ 2910.959872] name failslab, interval 1, probability 0, space 0, times 0
[ 2910.961565] CPU: 1 PID: 70465 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2910.962529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2910.963629] Call Trace:
[ 2910.964014]  dump_stack+0x107/0x167
[ 2910.964524]  should_fail.cold+0x5/0xa
[ 2910.965058]  ? alloc_fs_context+0x57/0x840
[ 2910.965658]  should_failslab+0x5/0x20
[ 2910.966203]  kmem_cache_alloc_trace+0x55/0x320
[ 2910.966848]  alloc_fs_context+0x57/0x840
[ 2910.967422]  path_mount+0xaa3/0x2120
[ 2910.967960]  ? strncpy_from_user+0x9e/0x470
[ 2910.968563]  ? finish_automount+0xa90/0xa90
[ 2910.969146]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2910.969836]  ? _copy_from_user+0xfb/0x1b0
[ 2910.970540]  __x64_sys_mount+0x282/0x300
[ 2910.971110]  ? copy_mnt_ns+0xa00/0xa00
[ 2910.971662]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2910.972417]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2910.973139]  do_syscall_64+0x33/0x40
[ 2910.973660]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2910.974345] RIP: 0033:0x7f01450cdb19
[ 2910.974865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2910.977460] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2910.978522] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2910.979506] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2910.980519] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2910.981518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2910.982515] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:17:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0xf, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:01 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x1234a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:20 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 11)

11:17:20 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a550", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:17:20 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:17:20 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x1234b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:20 executing program 4:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000180)={0x20000010})
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x9b3b42, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r2, 0x8010661b, &(0x7f00000001c0))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
close(r4)
accept(r3, &(0x7f00000000c0)=@nfc_llcp, &(0x7f0000000000)=0x80)

11:17:20 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:20 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:20 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2929.827129] FAULT_INJECTION: forcing a failure.
[ 2929.827129] name failslab, interval 1, probability 0, space 0, times 0
[ 2929.829802] CPU: 0 PID: 70891 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2929.831288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2929.833071] Call Trace:
[ 2929.833628]  dump_stack+0x107/0x167
[ 2929.834400]  should_fail.cold+0x5/0xa
[ 2929.835207]  ? create_object.isra.0+0x3a/0xa20
[ 2929.836188]  should_failslab+0x5/0x20
[ 2929.836990]  kmem_cache_alloc+0x5b/0x310
[ 2929.837855]  create_object.isra.0+0x3a/0xa20
[ 2929.838795]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2929.839885]  kmem_cache_alloc_trace+0x151/0x320
[ 2929.840895]  alloc_fs_context+0x57/0x840
[ 2929.841749]  path_mount+0xaa3/0x2120
[ 2929.842523]  ? strncpy_from_user+0x9e/0x470
[ 2929.843430]  ? finish_automount+0xa90/0xa90
[ 2929.844343]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2929.845318]  ? _copy_from_user+0xfb/0x1b0
[ 2929.846196]  __x64_sys_mount+0x282/0x300
[ 2929.847054]  ? copy_mnt_ns+0xa00/0xa00
[ 2929.847880]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2929.848981]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2929.850199]  do_syscall_64+0x33/0x40
[ 2929.850992]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2929.852098] RIP: 0033:0x7f01450cdb19
[ 2929.852891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2929.856830] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2929.858449] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2929.859963] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2929.861570] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2929.863089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2929.864622] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 2929.922078] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=70983 comm=syz-executor.0
11:17:20 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x1234c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:20 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x1234d, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:20 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x2e000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:39 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:39 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a550", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:17:39 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x168)
stat(&(0x7f00000000c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
keyctl$invalidate(0x15, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000140)={0x1, 0x1aa, 0x11}, &(0x7f0000000180)='./file0\x00', 0x18, 0x0, 0x23456}, 0x3)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x6, 0x2, 0x1, 0x3, 0x0, 0x2, 0x4cc80, 0x9, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x10100, 0xffff, 0x9, 0x2, 0x239, 0x247, 0x5be, 0x0, 0x4, 0x0, 0x4}, 0x0, 0xb, r0, 0xb)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a000000010000affe1d9cf6", @ANYRES32, @ANYBLOB="05000000070000002e2f66698b00000000000000e0562416a5b5677295cb834941dc1e57c152aff06ceb99bd7518cedc18b5e1996980267b844d6022783c8920658dee5344505d3d8589a59413bbdb5edc51da137dc9d9c8b2fb635198ff083f4982dbf053e664a821b4fea67931579e26d2bea5a480657d0385a5b631176e05870e80fad7d565d8d59727b198bb933dd1b8f5d13ebc1fd9121414a498bbef922525d16c4376d01d08000000c88c5dd0d01afa7c8a9494ae6207be1117e46a6b90da10d42c28997f2c829134bb23cb6447e553afe71948f3f3281cd308ca68c3221012fd1acb6a432596536fe982af11527c7c627a3ba056796d2dee6ad8396f669be310e5c9e0236efe"])
r2 = pkey_alloc(0x0, 0x1)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000400))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_STATX={0x15, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000600), &(0x7f0000000040)='./file0\x00', 0x80, 0x6000}, 0x53)
r3 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000180)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(0x0, r5, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x7ff2b1025e59458f, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x4100}}, 0x4)
pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000005, r2)

11:17:39 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 12)

11:17:39 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x3f000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:39 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:39 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={<r2=>0x0, ""/256, <r3=>0x0, <r4=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r5=>0x0, <r6=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {0x0, <r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {0x0, r5}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {r3}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000050740)={0x7ff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}], 0x7, "f06521b0ca9f2f"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={<r9=>0x0, ""/256, <r10=>0x0, <r11=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r12=>0x0, <r13=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {0x0, r12}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {r10}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={<r14=>0x0, ""/256, <r15=>0x0, <r16=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r17=>0x0, <r18=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {0x0, r17}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {0x0, r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {r15}], 0x4, "9755154351ac9a"})
[ 2949.186674] FAULT_INJECTION: forcing a failure.
[ 2949.186674] name failslab, interval 1, probability 0, space 0, times 0
[ 2949.189562] CPU: 1 PID: 71626 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2949.191317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2949.193436] Call Trace:
[ 2949.194116]  dump_stack+0x107/0x167
[ 2949.195049]  should_fail.cold+0x5/0xa
[ 2949.196027]  ? legacy_init_fs_context+0x44/0xe0
[ 2949.197216]  should_failslab+0x5/0x20
[ 2949.198198]  kmem_cache_alloc_trace+0x55/0x320
[ 2949.199375]  ? lockdep_init_map_type+0x2c7/0x780
[ 2949.200647]  legacy_init_fs_context+0x44/0xe0
[ 2949.201803]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 2949.203071]  alloc_fs_context+0x4fd/0x840
[ 2949.204144]  path_mount+0xaa3/0x2120
[ 2949.205122]  ? strncpy_from_user+0x9e/0x470
[ 2949.206220]  ? finish_automount+0xa90/0xa90
[ 2949.207343]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2949.208541]  ? _copy_from_user+0xfb/0x1b0
[ 2949.209631]  __x64_sys_mount+0x282/0x300
[ 2949.210679]  ? copy_mnt_ns+0xa00/0xa00
[ 2949.211508]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2949.212874]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2949.214190]  do_syscall_64+0x33/0x40
[ 2949.215152]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2949.216472] RIP: 0033:0x7f01450cdb19
[ 2949.217417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2949.222128] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2949.224077] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2949.224689] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=71634 comm=syz-executor.0
[ 2949.225875] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2949.225889] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2949.225901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2949.225910] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000005eb40)={<r19=>0x0, 0x0, "c2a82d07fe92c7944a4f9a51f96ac50b053ce087781010a12892c84397f02ba66ba53516bffe0ba526cfdc1dc5fa79631b4fe11dd1e3c186e2ac54e3bf0ad08acc15c0a815cc86395a4ea39d6fa087c1893978894c2a31ee257aee6efc2a93ee8b978af03a38e626143bb42951c0f765306f9b9b5f4a8634c304f8b5657fd385aa4df899729af0daf9447f9d6bee7812090126f4891ba799e7670df854a5f26959633b5fe3feb2cb97234dc280d5a4e4f59a8a34a53246cb85b6f518ce44e7b115fc893bb998015240114bdb1985ef9ed6d2f7ad1c062c15ac969932533d593977bb6172336784abdb5d5fcf9174fdf84155c53eb7b6909bae9acccb6f9c5409", "578a308526dcdc1c3c34ebc3f4a528550edbf36a80214344bb2a89c8706d12cc59b2d2cb34fc3fd72ba1758df6eab210359256eb2fd90eb2d6b416975c68fb8ab99ac3e7bf2b7d891601dbd491da9586358c43e0589435d136cd2cbcba303ccb007f97a40db286f6d4ccf8a855739d42a1d8b9d87bcb81be6718ea666a0462587c409834b9285eadb6aa77cc0b650017bc42c74c68bec5e7edc07802be34dbc40106e80003d60ef05710571db9e4b6bc33d719cb8a149970374b580d0c99320f7890aaa69a3028ce2540748589f444a8bf446b250f12802376a832d0a2d9ef6644ba94a4eb7be925ecf7f90381ad420ef4b50a6dd0dfa452376b7e2eed6ecf46945265636b92cd183f6d994ca052c283f029090f2ddf4b890169ad5da7d61c28f8673c1b3cfd3d76067463823f703234673dce7da9076ab88ece20ea089b8b7d02c75accf411d5782d9fc33919e9c590d9007183958cad845b20054c9739089d85c854d82ba72e87caa19338c2f611c443109039cca07bca8dc4f89f13fba8b402a0e35eff4ba79e8361924e82bae57f2960011e16657d426dc07b01982126a82d89c900a6b66263568d47398cf7ad65112b38d6257ec47dec82a346a9506ea7f76bbe40dfc5c8c3c1f842be3e7c35cd6ec217de699f29dd33a513fa2fd7edde1b5935461f53911e8f642045daa4ffe4ef5f622d8b5389e17a92ea635ce5e9a1f1f267d504f42c67d30c10622387f903ecc79930e92187e5e784544a629ddbfe3d892a5b503f2a27a287584c3479ceca44ff9451c7d39770c943cd9dfafad2a467cfc279590666394903cc182c5e60c935b858f57a8fdea0e7caf3ccdf7a741c1a0986985f71a8e9b846e4f9f1bf8f16787832d4fa6febeab2546903a6d4c36a7616dcc4350c77a66b0351ee8ac60bde46588c12370efd7e5399f9eeb67d459f19ec47c14994ef944348950ddc2da75b3570692195dc88983083490269c9c2aee5a9d04589ac749849e52af9ba4793107fb044390b60842fdbab5eadc2a0d4b10e06f6d107c84ddf88aa721f5f2fefaa20e2a69e04e53b7ede0767df79b66800ead86066049a43e1f1d2afa44713a11c790bbdf1e99d6563b22b1a1dfc56967194966d346111efad265b09de3fa7469b43a8af396ed062a1cfd558fa2524e01384d8a37fcdb1f88468c3474e4b3c09c659713c9258fe589ea5c832b986fca4f41c9a1cc38848a71d0e8017941ea2fd64452319b378abfba95265a48bd00ee7887eb4946fd237e5f25e15d6a974d8092aa8459486cca0c406758cee5a8915430da5a12480240d862b1d17d212d87b0e1e9f8b70dd4df7184ab548952c47e4ca2d24894995c8c364533ac3bc0bf87b8d06be75e29ce50477025d41843ef562fb95b0630e4484b3ff07916efae067a720fd1210250d36840abaa004ab0a4085d81c34e9e34c556648920c2640f3d6261b7a2c23ae85e4c8173063941858f4b6ba9888384b9cb7b261265bf5e9589931230434ab74d6d48bef22523a5639b62d8561f478eece8d00eff205f01a329e2508d072e6062fd2579272165326a33434defbb9c147408785662baab52b554080ff90bcb6cb05e50f2e8fa163ca7a31f9a03aee6f7f69f2a3d39e31abb2d9059fd82b8712065c4269a8af352cb3d1a3467c70f96abeed8c33d90e0a41a41bb8eadf78c6fe979f1003ad6df510e3b28c4c9828282624d04ff5e1d091994286ebd6fb43a6575e4304b4ae16a7a4c762e0bbe6041d9b3a17a95dabe305ae300e04004042ee3c764652823153a18b5cb15ead463aea5ad16fa225194e0336118738e7e10d8d9e0b7829ddff78165529aabc98d40123fc683831596061158e8ed29f87c63a49cd7157fd3be13cd2baa3acf96de2320b2b7c7b9f216b78ccc459b568a5d7a6439b17f3b3c97fcef96ccf94e80725f3a8d34c0aca16388444c5f76db6d551580676b231deece91857c4d227acd6f1932629ea2d17d5bc54ebab420a217794e4e39da9ed3a5544a37489a5d7fde5b25d042b92d30d3aed10727d7bfe0dad0dd6e236fd17ece5d17fd73cfa2b175ddffc13e2c11fe8b820bced0da501558ab1dd4c41d99c7b4a9f343636241395d25e79f73ac6307be9a60c2c7e4d3b3beae68e4ab12107b76e64206ff409ba24480ee6e313bd9b53d9ad4f6a749e342c6ccbe6c65b371f66ba70ce979862586c03150596d633d33c8d303a3bd26121254a9f937705994e3ca85bbea29acc83359b1d769d5711f60bfc4373aacc9b0a531a6bf5423039b300aadc0b7c78cf993b41c20b9026e86c5afb5b8bf53960a6bb04815216575831d3e1479b195d1eeb23716ed99052136ae33f13450e411d6c58d0db263e9b00bfb806f70f8f41e4f837a7d8895cd26c37ed2a484a948fbb44fc06b525440b5a652a9fad03639920af33eca8c6972977859d52117c3502923bab16ed9bb2dfe8a72e1647c21fb887d7fbf6c59f4dccabcc404fe9d0dfe90f29b26dfee68cfd96089a2399dc38df4ff182b75ae0f9099fae3b917c6e62130fc1a404c1d5e47bb3cd9e0146a2604d262b81c495f40cea2b8614488b0267da1f4e2f6746bb5cf41a3788eaa4d8de033542dd0c4fbc2fb21d42ace78b616cd2a9d08376de0bb3149e64783d50e4fe077ef9b89a55564f14a0dbd819f9df418eff08811d4e4faa9b9f11495a7471e11ee41c3f8f05a44e7f8f8a8b34425d29a730be73eaabb7a602aa10a5c57ce5ffb1ed17da3b02e751bb16a0e0237ec4d4e8f74d9d0f4e1c2473c520006df941b66423a34c22f95df89116247b6223f1c95a06d7858444af3d4a5b5571866b684108293e119caa14c49d0cff7ceb6b336e62c3a94f90daa83df7bae62284f25d5985c10d0e64cb03111ed1a44387330c59b3de5d9e908e3d16f6208b930d1054ab5d3e271f8301d4b7a69a9b85bfbe34b0054f7cb532a2e236e687a7d1b47dc2388bedb4218ee13df5232595212ef6d0562b3f702cc39b996e51bad5b01008fb55768cce19925cc21f71aff23d268cbb589d3cab6683801bb18733079549e79178a4e76b0b9623e526dd6edb9f7a94b04342400a67de237daae7cdcb33e7f2e5f7f62a655a9161490fb8f8b60de93827b29abc4131453045188a6e174abc2efb3ca482338f601bde430ce01f1c5bf8ee7b170adea7ce740fb550c2e906c2fe3d4fe8462a49f35dd40150b43e9585cb79aa5f74810eedc3e9afc55cc40674fbfa74535afa50281a377aa92ea8106bcf86ec15cabe13c48a0f0f6c83fc43f18b96a57a631149465626678d7bbddda48a46563e98ea3d0c1fb3b3a04ec9b2cd81deed37dc4b737bd1efaee1b3c7f6bb855dab48b5a02220746d3b8c2cbfb9ba0b2fb0a61cc12887a394a20dfff5662d7f6b0e653731d3da67413dd23e4ef483c9ec097fc8bd70fc788c06dd0e484f204b4e6b98f216d352527fda4114f7c5435272b378851d16b69b5230c72a7ab3bf485fb8a1c7aedb389d145dae1c71f35ecd372e309474db869c8059b8654730439c70893cac0451ddafc579e21e297990cdd90d5f34496ead73c38e44db4e1d491f28e47fa6b914f4ab04d6ac615a03116acb2b98764ebc11d414a4c6653de78539d0e36ca0f70a9e443eab40c92e1509ac85ea10b916e00c2282a02590ff5f67e255f1ab52e8958df69471c2e3ed44490dcb4e7f7daa86e821e451c0a0cab51e00f040b0e02bdb4d230fe668c7d64ce818dfe26c56c405ee23858b0c306f47ecc665e38f03bb52b6c4ba8ac398930277812bc84d8c56b5d4af1fe8d76ec40db2b879f258fc7df012deae738d84dffdcce284da594d14a4b48f47a3ffd63626bc14a99ef2e8b1e1b15009a4ea9cda8bbcba9ed5456fe04138fabc860da05997801926d46bdbfbf85ba14e078dbffb9018d4151571a8b79a74c3d6a2e8bdbda40e40111c4d6a9b28912b1dab5c100e350f2e171e0fe4004b753ebbbccf626f433c381d65e7d9a894ed56ec9f12ddaffa16817674669f2f57257c874b8b5fe68a0df8289df4ef61e4551bd7d3630e97c25da4323d37d69bdcf361f7e4250178720fc2b72bc3018c984ad1d0a9ae84a63fb01975439aab3153f5859eb81511d8411b6f05f4ad2a69888ffd33f10f087460d3836bdf46a04d02a8dd2c48068176378cbdd76a6137ca63d48863c036a020918f90a5b0cfa46ff8c1028d8f26557a9a82298ecd90fa70341921cbd4cfbf8ff031ebc550bbb410388445f216a3df03070a27c8040c7643baa87a378fc45b94dd606d22a59c284bf770e8a72b15d50e1bdc6740ad08877b09edf49d17b7df8201f781f48aa16b8052c3e45be4d5d6c4cd7e6ee7b9e5bdc038e88a9c6ad94056cd1174674efa5cb42e316db0a5045a0ef396870bb2216af00d07ebf6696ab5d97658e70588d13e5d0f5819aa1caeb12be0e18589b1e3f1ea9088f737a44680058adddaed50a212be9d6c5e75970eeb6c2c7881fde1e492b6d0983430de824426e1eda15916aec40b76ab129d58820e67dc43287517322e36daf83d4eee2bf3c5bf44580c57e70bbeb284b8d9236001563f917fd05691fa80bd1cd1e9f657fca163b3620cfa2354ff5e589fadd8053e077cb796ce54547606c7fd3fd0b6af36e27a8936f01690632c176ac8630efd89694795da5f7ba21a185ed61f5b35aff5d2dbfe614299fb1c2c2f9934979deeed053e16a01fe673524c32a3cc894681b06180881d432c29c5fef833a410aa0a32d8d6e63749d22af55510d07f753d64ffea26c8ac9c7c5bd90565d0de8dde272859e8b7690353f26d66ef3a75c5062cbde63b0ff9a49895e43c60cf43b40606b5c442c3fa40d5294aa7abf459fd8875bee582adeef6638114eadb4c1f80bc3e68ce33d9163e4e050fa9619282e5016619d0c5817565aceecd0a293bf02274f0a466d482fc84cf5973a30883556187a80740075807c26b02c24e7542bb8afe07303dbdd2b957ba258ddd8f5b8b91bce0799fda00237615f5a178afa42987d737266e6f3861a0514d5bc7009fcd8899af1e1af8d73b8a2e1f1113da6063ae818a2a9055058d2ed2936b5045516509665d7dde372adbf1db9b848bd17796e32d2684b86ca8502150a36c80a7736a33d5059f0f394309dde6fa76ecc5f978ab8a12731bc78e085aa403d7e3f2596ef545bdaa2a5069abf3a4be73bf29d4965a9bdcf08b65aaf6b28956551d24ea6bad8e475d82d6b62a493a31de78d819a4ff02e283b27c09b8a117cd7221f2c64389eb7118df271bdf9e108c631e017a3c9f94b292fab24b0a27499ed95e9221739468f4f52f43af704c26e217111067f9ed70721433b98855e8a6fdb892e6aa739a0c422e112b5f2ccf057e300388a1f9e314cb4855e303753aa8432b7b71ecf318"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r20=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005fb40)={0x401, [{}, {}, {}, {}, {}, {}, {r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r19}], 0x1, "4cb878f1e99b05"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={<r21=>0x0, ""/256, <r22=>0x0, <r23=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r24=>0x0, <r25=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {0x0, r23}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r24}, {}, {}, {}, {}, {}, {}, {}, {}, {r25}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r25}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {0x0, r24}, {}, {}, {}, {}, {0x0, r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r24}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {0x0, r24}, {}, {}, {r25}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {}, {}, {}, {}, {}, {r21}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r24}, {}, {}, {}, {}, {0x0, r23}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r25}, {r22}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051740)={0x61, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {r8}, {0x0, r11}, {0x0, r16}, {r20, r23}], 0x1, "b0a022c5c8aaae"})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:17:39 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:17:40 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200, 0x8)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
close_range(r0, r1, 0x2)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:40 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x40000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:40 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:40 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x90000006})

11:17:40 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 13)

[ 2949.592761] FAULT_INJECTION: forcing a failure.
[ 2949.592761] name failslab, interval 1, probability 0, space 0, times 0
[ 2949.596102] CPU: 1 PID: 72016 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2949.597881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2949.599994] Call Trace:
[ 2949.600783]  dump_stack+0x107/0x167
[ 2949.601709]  should_fail.cold+0x5/0xa
[ 2949.602683]  ? create_object.isra.0+0x3a/0xa20
[ 2949.603857]  should_failslab+0x5/0x20
[ 2949.604838]  kmem_cache_alloc+0x5b/0x310
[ 2949.605891]  create_object.isra.0+0x3a/0xa20
[ 2949.606998]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2949.608290]  kmem_cache_alloc_trace+0x151/0x320
[ 2949.609470]  ? lockdep_init_map_type+0x2c7/0x780
[ 2949.610796]  legacy_init_fs_context+0x44/0xe0
[ 2949.612111]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 2949.613358]  alloc_fs_context+0x4fd/0x840
[ 2949.614588]  path_mount+0xaa3/0x2120
[ 2949.615510]  ? strncpy_from_user+0x9e/0x470
[ 2949.616797]  ? finish_automount+0xa90/0xa90
[ 2949.617937]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2949.619294]  ? _copy_from_user+0xfb/0x1b0
[ 2949.620362]  __x64_sys_mount+0x282/0x300
[ 2949.621398]  ? copy_mnt_ns+0xa00/0xa00
[ 2949.622546]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2949.623866]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2949.625380]  do_syscall_64+0x33/0x40
[ 2949.626382]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2949.627866] RIP: 0033:0x7f01450cdb19
[ 2949.628768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2949.634193] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2949.636499] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2949.638650] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2949.640818] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2949.642940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2949.645070] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:17:40 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x40, 0x81, 0x77, 0x0, 0x0, 0x9, 0x6000, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f0000000000), 0x4}, 0x1, 0x7, 0xfff, 0x6, 0x0, 0xfffffff9, 0x8, 0x0, 0xad0, 0x0, 0x5}, 0xffffffffffffffff, 0x5, r1, 0x8)

11:17:40 executing program 4:
r0 = epoll_create1(0x80000)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x2013})

11:17:40 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x2e000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:40 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r1 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000004, 0x40010, r1, 0x8000000)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r4, r7, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index, 0x80, {0x0, r0}, 0x7fffffff, 0x4, 0x0, {0x0, 0x0, r0}}, 0x6)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:56 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:56 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x48000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:56 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x3f000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:56 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
clone3(&(0x7f00000012c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=<r0=>0x0, {0x29}, &(0x7f00000001c0)=""/4096, 0x1000, &(0x7f00000011c0)=""/138, &(0x7f0000001280)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x5}, 0x58)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x5, 0x10}, r0, 0x0, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3, 0x0, r1, 0x0, &(0x7f0000000080)="5ce1893fc074da31d241da34092f9ec752a2d26fe01c6e9891479e942f959a263be913c3b86fe8483c58bef67041e8c91bc357359839ed3394c1124363450621058bad089cbf", 0x46, 0x20}, 0x400)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:56 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:17:56 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 14)

11:17:56 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a550", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:17:56 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000000)={0x80000000})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000008f2e8258563000210c0000000000000000ff074e9ae8000200"], 0x14}}, 0x0)
openat(r1, &(0x7f00000001c0)='./file0\x00', 0x20140, 0xa)
epoll_wait(r3, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x4)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r4, 0x4004f506, &(0x7f0000000140))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0))

[ 2966.042967] FAULT_INJECTION: forcing a failure.
[ 2966.042967] name failslab, interval 1, probability 0, space 0, times 0
[ 2966.045441] CPU: 1 PID: 72586 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2966.047029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2966.048803] Call Trace:
[ 2966.049358]  dump_stack+0x107/0x167
[ 2966.050252]  should_fail.cold+0x5/0xa
[ 2966.051161]  ? v9fs_mount+0x5a/0x8f0
[ 2966.051955]  should_failslab+0x5/0x20
[ 2966.052776]  kmem_cache_alloc_trace+0x55/0x320
[ 2966.053744]  ? v9fs_write_inode+0x60/0x60
[ 2966.054629]  v9fs_mount+0x5a/0x8f0
[ 2966.054647]  ? v9fs_write_inode+0x60/0x60
[ 2966.054665]  legacy_get_tree+0x105/0x220
[ 2966.054684]  vfs_get_tree+0x8e/0x300
[ 2966.054700]  path_mount+0x1429/0x2120
[ 2966.054722]  ? strncpy_from_user+0x9e/0x470
[ 2966.054739]  ? finish_automount+0xa90/0xa90
[ 2966.054755]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2966.054772]  ? _copy_from_user+0xfb/0x1b0
[ 2966.054795]  __x64_sys_mount+0x282/0x300
[ 2966.054809]  ? copy_mnt_ns+0xa00/0xa00
[ 2966.054831]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2966.054849]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2966.054868]  do_syscall_64+0x33/0x40
[ 2966.054884]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2966.054895] RIP: 0033:0x7f01450cdb19
[ 2966.054911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2966.054920] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2966.054938] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
11:17:56 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 15)

[ 2966.054947] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2966.054956] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2966.054965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2966.054974] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 2966.066932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=72577 comm=syz-executor.0
11:17:56 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:17:56 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
tgkill(r1, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0xa3, 0x6, 0x7, 0xff, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000000), 0x1}, 0x90a2, 0x7, 0x8, 0x5, 0x3, 0x8f, 0x1000, 0x0, 0x5, 0x0, 0x9}, r1, 0xa, r0, 0x2)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syncfs(r2)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:17:56 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x40000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2966.331714] FAULT_INJECTION: forcing a failure.
[ 2966.331714] name failslab, interval 1, probability 0, space 0, times 0
[ 2966.334164] CPU: 1 PID: 72970 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2966.335632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2966.337390] Call Trace:
[ 2966.337948]  dump_stack+0x107/0x167
[ 2966.338712]  should_fail.cold+0x5/0xa
[ 2966.339521]  ? create_object.isra.0+0x3a/0xa20
[ 2966.340485]  should_failslab+0x5/0x20
[ 2966.341295]  kmem_cache_alloc+0x5b/0x310
[ 2966.342154]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 2966.343246]  create_object.isra.0+0x3a/0xa20
[ 2966.344166]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2966.345246]  kmem_cache_alloc_trace+0x151/0x320
[ 2966.346232]  ? v9fs_write_inode+0x60/0x60
[ 2966.347092]  v9fs_mount+0x5a/0x8f0
[ 2966.347838]  ? v9fs_write_inode+0x60/0x60
[ 2966.348716]  legacy_get_tree+0x105/0x220
[ 2966.349577]  vfs_get_tree+0x8e/0x300
[ 2966.350360]  path_mount+0x1429/0x2120
[ 2966.351165]  ? strncpy_from_user+0x9e/0x470
[ 2966.352073]  ? finish_automount+0xa90/0xa90
[ 2966.352989]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2966.353964]  ? _copy_from_user+0xfb/0x1b0
[ 2966.354846]  __x64_sys_mount+0x282/0x300
[ 2966.355699]  ? copy_mnt_ns+0xa00/0xa00
[ 2966.356522]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2966.357632]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2966.358720]  do_syscall_64+0x33/0x40
[ 2966.359504]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2966.360588] RIP: 0033:0x7f01450cdb19
[ 2966.361369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2966.365264] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
11:17:57 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x4c000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2966.366871] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2966.368584] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2966.370072] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2966.371564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2966.373058] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:17:57 executing program 4:
r0 = epoll_create1(0x0)
lseek(r0, 0x2, 0x4)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x228202, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:17:57 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
get_mempolicy(&(0x7f00000000c0), &(0x7f0000000100), 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x4)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05000000020000002e2f66696c653000"])
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x7fffffff, 0x40)
openat(r0, &(0x7f0000000080)='./file0\x00', 0x501800, 0x80)

11:17:57 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:17:57 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x48000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2966.664212] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=73382 comm=syz-executor.0
11:17:57 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:12 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xa3e, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x5)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:18:12 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fcntl$setstatus(r2, 0x4, 0x44800)

11:18:12 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567f", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:18:12 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:12 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 16)

11:18:12 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x4c000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:12 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:18:12 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x4d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2981.620250] FAULT_INJECTION: forcing a failure.
[ 2981.620250] name failslab, interval 1, probability 0, space 0, times 0
[ 2981.622141] CPU: 0 PID: 73688 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2981.623139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2981.624171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=73691 comm=syz-executor.0
[ 2981.624336] Call Trace:
[ 2981.624354]  dump_stack+0x107/0x167
[ 2981.624374]  should_fail.cold+0x5/0xa
[ 2981.627445]  should_failslab+0x5/0x20
[ 2981.627999]  __kmalloc_track_caller+0x79/0x370
[ 2981.628695]  ? v9fs_session_init+0xa7/0x1680
[ 2981.629351]  ? kernel_text_address+0xf2/0x120
[ 2981.630031]  kstrdup+0x36/0x70
[ 2981.630496]  v9fs_session_init+0xa7/0x1680
[ 2981.631121]  ? lock_release+0x680/0x680
[ 2981.631745]  ? find_held_lock+0x2c/0x110
[ 2981.632373]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2981.633109]  ? v9fs_show_options+0x690/0x690
[ 2981.633786]  ? trace_hardirqs_on+0x5b/0x180
[ 2981.634432]  ? kasan_unpoison_shadow+0x33/0x50
[ 2981.635111]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2981.635872]  v9fs_mount+0x79/0x8f0
[ 2981.636406]  ? v9fs_write_inode+0x60/0x60
[ 2981.636421]  legacy_get_tree+0x105/0x220
[ 2981.636434]  vfs_get_tree+0x8e/0x300
[ 2981.636446]  path_mount+0x1429/0x2120
[ 2981.636463]  ? strncpy_from_user+0x9e/0x470
[ 2981.636475]  ? finish_automount+0xa90/0xa90
[ 2981.636487]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2981.636499]  ? _copy_from_user+0xfb/0x1b0
[ 2981.636517]  __x64_sys_mount+0x282/0x300
[ 2981.636528]  ? copy_mnt_ns+0xa00/0xa00
[ 2981.636544]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2981.636556]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2981.636570]  do_syscall_64+0x33/0x40
[ 2981.636582]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
11:18:12 executing program 5:
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x800)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
mmap(&(0x7f0000fee000/0x2000)=nil, 0x2000, 0x2000005, 0x11, 0xffffffffffffffff, 0x40520000)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="14080001", @ANYRES16=0x0, @ANYBLOB="00042bbd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x88000)
r2 = open_tree(r0, &(0x7f0000000180)='./file0\x00', 0x88800)
write$bt_hci(r2, &(0x7f00000001c0)={0x1, @write_le_host_supported={{0xc6d, 0x2}, {0x5, 0x52}}}, 0x6)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
openat(r3, &(0x7f0000000280)='./file0\x00', 0x769800, 0xd2)
r4 = syz_open_dev$vcsn(&(0x7f0000000300), 0x4, 0x800)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x42080, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r4, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
mknod$loop(&(0x7f00000002c0)='./file0\x00', 0x2, 0x0)
openat(r1, &(0x7f0000000140)='./file0\x00', 0x450040, 0x0)

11:18:12 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80080, 0x8e)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))

[ 2981.636591] RIP: 0033:0x7f01450cdb19
11:18:12 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x4e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2981.636603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
11:18:12 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2981.636609] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
11:18:12 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
mmap$usbmon(&(0x7f0000fee000/0x3000)=nil, 0x3000, 0x4, 0x4000010, 0xffffffffffffffff, 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 2981.636623] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2981.636630] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2981.636637] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2981.636643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2981.636650] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:18:28 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123a9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:28 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x4f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:28 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 17)

11:18:28 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:18:28 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x67b9aed9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2997.968694] FAULT_INJECTION: forcing a failure.
[ 2997.968694] name failslab, interval 1, probability 0, space 0, times 0
[ 2997.971228] CPU: 1 PID: 74381 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2997.972688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2997.974551] Call Trace:
[ 2997.975107]  dump_stack+0x107/0x167
[ 2997.975868]  should_fail.cold+0x5/0xa
[ 2997.976666]  ? create_object.isra.0+0x3a/0xa20
[ 2997.977642]  should_failslab+0x5/0x20
[ 2997.978441]  kmem_cache_alloc+0x5b/0x310
[ 2997.979296]  create_object.isra.0+0x3a/0xa20
11:18:28 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:18:28 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567f", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:18:28 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000005eb40)={<r1=>0x0, 0x0, "c2a82d07fe92c7944a4f9a51f96ac50b053ce087781010a12892c84397f02ba66ba53516bffe0ba526cfdc1dc5fa79631b4fe11dd1e3c186e2ac54e3bf0ad08acc15c0a815cc86395a4ea39d6fa087c1893978894c2a31ee257aee6efc2a93ee8b978af03a38e626143bb42951c0f765306f9b9b5f4a8634c304f8b5657fd385aa4df899729af0daf9447f9d6bee7812090126f4891ba799e7670df854a5f26959633b5fe3feb2cb97234dc280d5a4e4f59a8a34a53246cb85b6f518ce44e7b115fc893bb998015240114bdb1985ef9ed6d2f7ad1c062c15ac969932533d593977bb6172336784abdb5d5fcf9174fdf84155c53eb7b6909bae9acccb6f9c5409", "578a308526dcdc1c3c34ebc3f4a528550edbf36a80214344bb2a89c8706d12cc59b2d2cb34fc3fd72ba1758df6eab210359256eb2fd90eb2d6b416975c68fb8ab99ac3e7bf2b7d891601dbd491da9586358c43e0589435d136cd2cbcba303ccb007f97a40db286f6d4ccf8a855739d42a1d8b9d87bcb81be6718ea666a0462587c409834b9285eadb6aa77cc0b650017bc42c74c68bec5e7edc07802be34dbc40106e80003d60ef05710571db9e4b6bc33d719cb8a149970374b580d0c99320f7890aaa69a3028ce2540748589f444a8bf446b250f12802376a832d0a2d9ef6644ba94a4eb7be925ecf7f90381ad420ef4b50a6dd0dfa452376b7e2eed6ecf46945265636b92cd183f6d994ca052c283f029090f2ddf4b890169ad5da7d61c28f8673c1b3cfd3d76067463823f703234673dce7da9076ab88ece20ea089b8b7d02c75accf411d5782d9fc33919e9c590d9007183958cad845b20054c9739089d85c854d82ba72e87caa19338c2f611c443109039cca07bca8dc4f89f13fba8b402a0e35eff4ba79e8361924e82bae57f2960011e16657d426dc07b01982126a82d89c900a6b66263568d47398cf7ad65112b38d6257ec47dec82a346a9506ea7f76bbe40dfc5c8c3c1f842be3e7c35cd6ec217de699f29dd33a513fa2fd7edde1b5935461f53911e8f642045daa4ffe4ef5f622d8b5389e17a92ea635ce5e9a1f1f267d504f42c67d30c10622387f903ecc79930e92187e5e784544a629ddbfe3d892a5b503f2a27a287584c3479ceca44ff9451c7d39770c943cd9dfafad2a467cfc279590666394903cc182c5e60c935b858f57a8fdea0e7caf3ccdf7a741c1a0986985f71a8e9b846e4f9f1bf8f16787832d4fa6febeab2546903a6d4c36a7616dcc4350c77a66b0351ee8ac60bde46588c12370efd7e5399f9eeb67d459f19ec47c14994ef944348950ddc2da75b3570692195dc88983083490269c9c2aee5a9d04589ac749849e52af9ba4793107fb044390b60842fdbab5eadc2a0d4b10e06f6d107c84ddf88aa721f5f2fefaa20e2a69e04e53b7ede0767df79b66800ead86066049a43e1f1d2afa44713a11c790bbdf1e99d6563b22b1a1dfc56967194966d346111efad265b09de3fa7469b43a8af396ed062a1cfd558fa2524e01384d8a37fcdb1f88468c3474e4b3c09c659713c9258fe589ea5c832b986fca4f41c9a1cc38848a71d0e8017941ea2fd64452319b378abfba95265a48bd00ee7887eb4946fd237e5f25e15d6a974d8092aa8459486cca0c406758cee5a8915430da5a12480240d862b1d17d212d87b0e1e9f8b70dd4df7184ab548952c47e4ca2d24894995c8c364533ac3bc0bf87b8d06be75e29ce50477025d41843ef562fb95b0630e4484b3ff07916efae067a720fd1210250d36840abaa004ab0a4085d81c34e9e34c556648920c2640f3d6261b7a2c23ae85e4c8173063941858f4b6ba9888384b9cb7b261265bf5e9589931230434ab74d6d48bef22523a5639b62d8561f478eece8d00eff205f01a329e2508d072e6062fd2579272165326a33434defbb9c147408785662baab52b554080ff90bcb6cb05e50f2e8fa163ca7a31f9a03aee6f7f69f2a3d39e31abb2d9059fd82b8712065c4269a8af352cb3d1a3467c70f96abeed8c33d90e0a41a41bb8eadf78c6fe979f1003ad6df510e3b28c4c9828282624d04ff5e1d091994286ebd6fb43a6575e4304b4ae16a7a4c762e0bbe6041d9b3a17a95dabe305ae300e04004042ee3c764652823153a18b5cb15ead463aea5ad16fa225194e0336118738e7e10d8d9e0b7829ddff78165529aabc98d40123fc683831596061158e8ed29f87c63a49cd7157fd3be13cd2baa3acf96de2320b2b7c7b9f216b78ccc459b568a5d7a6439b17f3b3c97fcef96ccf94e80725f3a8d34c0aca16388444c5f76db6d551580676b231deece91857c4d227acd6f1932629ea2d17d5bc54ebab420a217794e4e39da9ed3a5544a37489a5d7fde5b25d042b92d30d3aed10727d7bfe0dad0dd6e236fd17ece5d17fd73cfa2b175ddffc13e2c11fe8b820bced0da501558ab1dd4c41d99c7b4a9f343636241395d25e79f73ac6307be9a60c2c7e4d3b3beae68e4ab12107b76e64206ff409ba24480ee6e313bd9b53d9ad4f6a749e342c6ccbe6c65b371f66ba70ce979862586c03150596d633d33c8d303a3bd26121254a9f937705994e3ca85bbea29acc83359b1d769d5711f60bfc4373aacc9b0a531a6bf5423039b300aadc0b7c78cf993b41c20b9026e86c5afb5b8bf53960a6bb04815216575831d3e1479b195d1eeb23716ed99052136ae33f13450e411d6c58d0db263e9b00bfb806f70f8f41e4f837a7d8895cd26c37ed2a484a948fbb44fc06b525440b5a652a9fad03639920af33eca8c6972977859d52117c3502923bab16ed9bb2dfe8a72e1647c21fb887d7fbf6c59f4dccabcc404fe9d0dfe90f29b26dfee68cfd96089a2399dc38df4ff182b75ae0f9099fae3b917c6e62130fc1a404c1d5e47bb3cd9e0146a2604d262b81c495f40cea2b8614488b0267da1f4e2f6746bb5cf41a3788eaa4d8de033542dd0c4fbc2fb21d42ace78b616cd2a9d08376de0bb3149e64783d50e4fe077ef9b89a55564f14a0dbd819f9df418eff08811d4e4faa9b9f11495a7471e11ee41c3f8f05a44e7f8f8a8b34425d29a730be73eaabb7a602aa10a5c57ce5ffb1ed17da3b02e751bb16a0e0237ec4d4e8f74d9d0f4e1c2473c520006df941b66423a34c22f95df89116247b6223f1c95a06d7858444af3d4a5b5571866b684108293e119caa14c49d0cff7ceb6b336e62c3a94f90daa83df7bae62284f25d5985c10d0e64cb03111ed1a44387330c59b3de5d9e908e3d16f6208b930d1054ab5d3e271f8301d4b7a69a9b85bfbe34b0054f7cb532a2e236e687a7d1b47dc2388bedb4218ee13df5232595212ef6d0562b3f702cc39b996e51bad5b01008fb55768cce19925cc21f71aff23d268cbb589d3cab6683801bb18733079549e79178a4e76b0b9623e526dd6edb9f7a94b04342400a67de237daae7cdcb33e7f2e5f7f62a655a9161490fb8f8b60de93827b29abc4131453045188a6e174abc2efb3ca482338f601bde430ce01f1c5bf8ee7b170adea7ce740fb550c2e906c2fe3d4fe8462a49f35dd40150b43e9585cb79aa5f74810eedc3e9afc55cc40674fbfa74535afa50281a377aa92ea8106bcf86ec15cabe13c48a0f0f6c83fc43f18b96a57a631149465626678d7bbddda48a46563e98ea3d0c1fb3b3a04ec9b2cd81deed37dc4b737bd1efaee1b3c7f6bb855dab48b5a02220746d3b8c2cbfb9ba0b2fb0a61cc12887a394a20dfff5662d7f6b0e653731d3da67413dd23e4ef483c9ec097fc8bd70fc788c06dd0e484f204b4e6b98f216d352527fda4114f7c5435272b378851d16b69b5230c72a7ab3bf485fb8a1c7aedb389d145dae1c71f35ecd372e309474db869c8059b8654730439c70893cac0451ddafc579e21e297990cdd90d5f34496ead73c38e44db4e1d491f28e47fa6b914f4ab04d6ac615a03116acb2b98764ebc11d414a4c6653de78539d0e36ca0f70a9e443eab40c92e1509ac85ea10b916e00c2282a02590ff5f67e255f1ab52e8958df69471c2e3ed44490dcb4e7f7daa86e821e451c0a0cab51e00f040b0e02bdb4d230fe668c7d64ce818dfe26c56c405ee23858b0c306f47ecc665e38f03bb52b6c4ba8ac398930277812bc84d8c56b5d4af1fe8d76ec40db2b879f258fc7df012deae738d84dffdcce284da594d14a4b48f47a3ffd63626bc14a99ef2e8b1e1b15009a4ea9cda8bbcba9ed5456fe04138fabc860da05997801926d46bdbfbf85ba14e078dbffb9018d4151571a8b79a74c3d6a2e8bdbda40e40111c4d6a9b28912b1dab5c100e350f2e171e0fe4004b753ebbbccf626f433c381d65e7d9a894ed56ec9f12ddaffa16817674669f2f57257c874b8b5fe68a0df8289df4ef61e4551bd7d3630e97c25da4323d37d69bdcf361f7e4250178720fc2b72bc3018c984ad1d0a9ae84a63fb01975439aab3153f5859eb81511d8411b6f05f4ad2a69888ffd33f10f087460d3836bdf46a04d02a8dd2c48068176378cbdd76a6137ca63d48863c036a020918f90a5b0cfa46ff8c1028d8f26557a9a82298ecd90fa70341921cbd4cfbf8ff031ebc550bbb410388445f216a3df03070a27c8040c7643baa87a378fc45b94dd606d22a59c284bf770e8a72b15d50e1bdc6740ad08877b09edf49d17b7df8201f781f48aa16b8052c3e45be4d5d6c4cd7e6ee7b9e5bdc038e88a9c6ad94056cd1174674efa5cb42e316db0a5045a0ef396870bb2216af00d07ebf6696ab5d97658e70588d13e5d0f5819aa1caeb12be0e18589b1e3f1ea9088f737a44680058adddaed50a212be9d6c5e75970eeb6c2c7881fde1e492b6d0983430de824426e1eda15916aec40b76ab129d58820e67dc43287517322e36daf83d4eee2bf3c5bf44580c57e70bbeb284b8d9236001563f917fd05691fa80bd1cd1e9f657fca163b3620cfa2354ff5e589fadd8053e077cb796ce54547606c7fd3fd0b6af36e27a8936f01690632c176ac8630efd89694795da5f7ba21a185ed61f5b35aff5d2dbfe614299fb1c2c2f9934979deeed053e16a01fe673524c32a3cc894681b06180881d432c29c5fef833a410aa0a32d8d6e63749d22af55510d07f753d64ffea26c8ac9c7c5bd90565d0de8dde272859e8b7690353f26d66ef3a75c5062cbde63b0ff9a49895e43c60cf43b40606b5c442c3fa40d5294aa7abf459fd8875bee582adeef6638114eadb4c1f80bc3e68ce33d9163e4e050fa9619282e5016619d0c5817565aceecd0a293bf02274f0a466d482fc84cf5973a30883556187a80740075807c26b02c24e7542bb8afe07303dbdd2b957ba258ddd8f5b8b91bce0799fda00237615f5a178afa42987d737266e6f3861a0514d5bc7009fcd8899af1e1af8d73b8a2e1f1113da6063ae818a2a9055058d2ed2936b5045516509665d7dde372adbf1db9b848bd17796e32d2684b86ca8502150a36c80a7736a33d5059f0f394309dde6fa76ecc5f978ab8a12731bc78e085aa403d7e3f2596ef545bdaa2a5069abf3a4be73bf29d4965a9bdcf08b65aaf6b28956551d24ea6bad8e475d82d6b62a493a31de78d819a4ff02e283b27c09b8a117cd7221f2c64389eb7118df271bdf9e108c631e017a3c9f94b292fab24b0a27499ed95e9221739468f4f52f43af704c26e217111067f9ed70721433b98855e8a6fdb892e6aa739a0c422e112b5f2ccf057e300388a1f9e314cb4855e303753aa8432b7b71ecf318"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r2=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005fb40)={0x401, [{}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}], 0x1, "4cb878f1e99b05"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000053d80)={0x0, ""/256, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000053f80)={0x5, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r4=>0x0}], 0x0, "60d497186a986a"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000054f80)={{<r5=>0x0, 0x80, 0x8, 0x7ff, 0x4, 0x6, 0x0, 0x20, 0x8, 0xfffffffe, 0x5, 0x7, 0x5, 0x5dac, 0x5}, 0x20, [0x0, 0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000055040)={0x0, ""/256, <r6=>0x0})
[ 2997.980392]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2997.981587]  __kmalloc_track_caller+0x177/0x370
[ 2997.982557]  ? v9fs_session_init+0xa7/0x1680
[ 2997.983474]  ? kernel_text_address+0xf2/0x120
[ 2997.984421]  kstrdup+0x36/0x70
[ 2997.985102]  v9fs_session_init+0xa7/0x1680
[ 2997.985987]  ? lock_release+0x680/0x680
[ 2997.986820]  ? find_held_lock+0x2c/0x110
[ 2997.987677]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2997.988683]  ? v9fs_show_options+0x690/0x690
[ 2997.989614]  ? trace_hardirqs_on+0x5b/0x180
[ 2997.990679]  ? kasan_unpoison_shadow+0x33/0x50
[ 2997.991628]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2997.992688]  v9fs_mount+0x79/0x8f0
[ 2997.993441]  ? v9fs_write_inode+0x60/0x60
[ 2997.994441]  legacy_get_tree+0x105/0x220
[ 2997.995447]  vfs_get_tree+0x8e/0x300
[ 2997.996366]  path_mount+0x1429/0x2120
[ 2997.997484]  ? strncpy_from_user+0x9e/0x470
[ 2997.998552]  ? finish_automount+0xa90/0xa90
[ 2997.999674]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2998.000831]  ? _copy_from_user+0xfb/0x1b0
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000055240)={0x0, <r7=>0x0, "0ab06e3d4e971b10109766520507e6fe55212eddae92537f63c3c1b3dbfdf5ce566780003f7bcc240e79fed531c387f137520d9565c8692fee21917ec3cffe8626a40a0167aad816542e6a5ab459f1f01250a95c13e69fbd13ac89cb17441a7c79c55eff0eeda062418e86539c6cbf5eafdb6035e4c05be263ee4fe3e74bd13cce1bf69b223ae03284b28461d9a0c0ae42aa39356e2aa7fa5d944f65fe4413f81f23c8a418c5a6d152efba4ef8c55d94ac7c1cc94d225598f1268568f4ae60a2c81933d359b75bf0ffa93cfee52cc5cfa41e88442698c7fac035bb83266ed7cdba13dcfdbfd185fcdd6f3dc69dd9f9ed82693a61d233f21552a77e2686e5c690", "08c308739a61c1f7a6d21dced13a006db5d884fe18b0d1e0f514dc9c836bc54dc872ca389f518c9d5b53a449c8aa45b35f61fe008ff7411e36f055e580bad5d3a2e3d8f5e12c58bfd209d115ca7997b453dd9db8cedc9d079e208dbe47750a9d6a3af47257186759d8b32bcd15d373fa2328ce3523a08fa5beca339fff64620df43962d285c38801b9969204eb26176786cc88de827443da48e0b71bc382f592e912a18de8edd1149e37351a8f0f390bd99abb2ba283e09d18fa6ee81b0fc7ab1784e99f190628133a82648d37029db14b3ef221d8da2fc51c3f10a25c90b4b626ddfb55bfdfe03f1a63a01553f0a4a3f5d251dd9fe74d1fc4d4456e0bd00c24f883f70465f3962b68f9aeae0960dbba92226c72a1c3da15159c7a2d5c5e4780b66a532ea97b41aa0602832739f9ef8cc81c2d117fc1fbcd6ee1ac7c45401fe99442db8464bac6aed90e0b05fa16e8b0ee8dfeba644151f4291f405f1f7be8d402eaf9adc86643ef0da5068b1369a4e74bfc8d73d61bd91a34d6a9fa237d5374399ef4f2439c9f65d7825125d65271f872bda392c0a75406c58995192a8f3018cf30a49e32b1df9d8ea2d1a82d142c51a5d0b15ea095769d2be352b294556e3819c63a1e6c300a333a85bacc97f66ffd90d7dfcc0208550bfb8653a05b52f839d4851e24a68b5e909ebc00bee507cae9255084f5b3542f453d5f76993577b949bbba79232f8fa29c188a31da1b88ecb6721ad990f58b78ff20175950772393af14497d5c724affd9fa426249d17ae78ba74f324eeedf37c5d174da50e24cd5ec4b99a12aeeeeffc26a48da99feaf7a80bbc834f0d60c39ec35bfd49c1fd63df173f701991c2639f8c747ee129a20e99dad86e9125e9a473903e9418af6d8b76c5a16342cc563b8346ed91f71a46830b3d5379f83ea85bbd5562d68d2dfac2514db4bb285be19662710969e6093c24384f66de8737bcfb87dbe1c60181d37b1968c9942097608ef4f5157b06785074f9160e8fb5ebffcd6c8fe6d24ba31fa046437f2aa648f8a090ea28e8a3ec772ba7f055c64a199e965a77156d8c441da99b4fcc6de6de38569cd7d737906a96f8292e377e51ba6102dba9786724ceae334045a5cbaf3961e9fb38184a4905315d4dfed066a5637a10f1c180ae5beda86310d68a2a4f22dcf1e5228728a2e4186f0cabf9c7740113c0ec496b0b6e66a0bd47204b3cd99e46d38a1e5e46edefcfa91d013df6aa25df73c4f9541744a70e1a09f0801b4938da0454d3b86117a84e66580888827b3eec13027151b5565b2c351c5f5b0bc033eb13495e4613363e8c75c14a2da0617c70f0d8f4751f6bedc7b97466eef1ab1dabfbfc623c5a77382c11ffc931a0d19244f222425fa51d4e4d97b893055db3ffa5e61ae4b5092fb0ca2f27722db846a0be491ce9737a8b5cef88a89b0a9fa97527987f44942fe05d86d2c3f84ae247f03592294b0cf250d5b17a89c591e96514bb043674051530a4359e0c4dc3928bdfbeb299a39d524ffe34c4ea8650b2b10e19632aed819c9cac6a470565eed9858475c145cb19f0bc0a5facfab8438bfa7d0b3d9264ec78ad16f56e1468ddd43c3255d6c58b93f35e60190aaa519903cdced5dd03691f78b46c5576d48ee3a4fa372c56516c216d7f3c75ad2b01a29b216a2ee839b6ff0b554152c430c8d2aa19210789d6a55b9fd523926b8cf0ba374223e0008d4d6356390dec51844cd5802794c21f8c2af64509e4c392e7a12c847d27cdd8491fd456bf53d158c51c1cfd8c5c5b634b7dbb32271a731b7cec2d5604384720ba26576983b78127c81f6991d76660bf74511a95b1c3d8904b9d9c7b79b88f2a973eb6137aa14aba90984557c554d227942d4640c840447be18b7869eb84705facc29c413ec719dcb5304caadc5f9473da404b1dd0aa560586c1d3d5a7bddb02992cf2aa5b42f288cb3226a5366b7fd6e70adc11474b4a35b3ca248d1d9e1c510eddc5dd088fbd56f97ac84e6737efd79e94076b665ccf665d5eb932d7c7290178e884d44187ab724914d916ac453b1b21a4c25d71f5fe99f48bf5bc48500481a834ec397fa4dcbf6cbaf7546d1197a4f9d164b80d4727f65214582ec8f19916f3449c0dfd484b1bab6023a7c3693ac059aac53aa1db98edb82017dd31776f94b18190e170b39044659a8c8ed2753910152f35bf474b70f58eb71114af73525d11a0ab91ddddd5c8697d3e7e0dcebaa17ce6d3d361c849034d95e5f9477b4afd0c59266601827f7bee0f33bf1aa9cd9d49203d17ae2e4fc277bfdff61003e813c87e602b6b678d19fdd1b42bd5ed5ff45da61f43801ccd7c4e6d2b9bb9f16fb64aec200cb57ce95673776cb05cdc50b5f4ac2015cb3d44a7dd5a3d794c809b1ab520209417c093c4dc3c383eb75d987edc82e940eea134a63a9c90c393a782cd801e1d6f7467641302d26031feae36ca1d3c284a9988af770105ceb52342fe9b1e194a191462cdfc8545b95265e547ea8314a21b4a72e5762d4e0b4501e241748748a62a7bf4afc9b69ada310e48f1464a0d117615132f1d451fd1ceb2b285b66d88856ecd33ad0532644738a97182ee8817f5a5769170bd6995f1bb95cba6f3c1413d932733110e1f5a937255a2de867ab79b4d8084adec581b5537e751ca77b39c89c0cf2f4617d1d141a75c80b35c64d31421ff33f7d8a79a4d3dd45517e72313c989f4dac76e0483b4e0e09c1903e3913ce84cf9f8dad1ebd14834dd2bfd7880fd6edce51a09e829f509c8e104755b003e014e7dc62a96a001dfec8250319bcf3d3493d12a0fd86131d72f138e69c85c2f64bace9d17dd375f7dc00aff35a7d30920ca56dfa8f1d94435fd131a9d2f1584b065e3d91b5b3e7891298ef6c0d317f8f392e5f53e9af664b79a3d0d631949a618107a9ea455bc47228102ca997b2646811af1c28bd83c744ee04a678f87c24082a5e539ff199a83002a429876232415e2edc1bd1c2d8d3db514d09c009e968bef7eb010c93e3737c4e9c54790181ba90c0110c90386e49a27bd1061efa6e94bd10c4014d4cee2f5f12abeddd4fd1064e1ffc50c6145e6084b0c8ef684ce06e72b423dde04f3fa7d0c6c3b99255d09f74e6acc75e6da05aaebe2026a752db5a89b9d2cb791b9c820050db0f4cce3bb3ba968db87c3fc4adbd7cd3c86ade7bb12bd51615d686cf3fcfbc89ed9c955e868d4e1a415108f39e7bc4a20b0f3e1d7f8d46e1efebcf32f5290c6882ddfbd5fb9ac7109b8a557836d3feeb20dd353bc58d7a4d78c2fcb3bc9f86f1d0a8d7136b92a8f748d9176b5ee35c0c7dce7c59360d019ca68d391a6f1a781eee58598c1db64e563e1bf34d2ece8f5722d2b9ad53f6065d347da5a38d24fa75645135944b0f7e42e89d7540868461ddb0b81ad2981be1f203e0e2368b35cea32d6df782c580914b9455739161baf62ad9d65ece2c5eb73708275f74791ae16a372c7c60b9a0e6e634bfd6f976cd2af3ab213dce85787c318b8cdf23f4d924dac7a2e01a77667bad33499730b6f7c85c10d69aff7dd2add60a43f6e3978a03cd523b9c1a135178818cf61fc21e4ed97e1a2bd5a92d0b5deda7ee70c60822c89762e2984df46d5b98818e6e6f8392b81cb0d78dffb51081a47244f55696349c24ee3a99280f0fcb8ced764810d02f90bed76d2d9909b73e91c9c6ac8d623be40bffd74cacec43b36f9636aacd5dceeba9c7c14ab2d724158ce8f4cedbd641677fc43003393d8d2465b01d2c0cef06c7ca4c95e5cff6cd16272c2df83ab2af958e87476b7e3baacafd1bc064aa7a7a39751c25ea1b8befdfe4ea85ee1cc1645e20b23c08a02d5b3bd309cb00324fca67eb2a4115e41eb18ce8f3c7a34a76c5697e6dada2f75e458989c2c3fb29c670ab2bf9c21174d8882b7dfa8037c68fc9a3b63960a8a04e9dcefe9c1ea157684752f3359f1b0a8dc8755662dc36c792e41193106ffb751d14b7244b158fcb75c742ef3eb4bdf2d6ad3f26119d2af06fd46dc8697f1340b94b9d3a21b208a2141208648fccb54b54c425e163744688e08db87d5b6dcbb42758d17fe3d1ba4a0827ddef1b3ef5cb393325a25a66699ff769376d87c396454c9f34b0163d6c04aed52c885cf96bc9c6b7da9d27add0e8ab75f7987223a951629ec55f004499571e0fbb125c03a1a18c3c47718a54dad4c4f39828ce76b107d2da461d00ddd21deb51bc81f26ce95b9633b86f50af6f8d564a3fcc3c5fd661f49cf3758569082aced7a31a3787803a1340388c6aa4fa865e9514d898f044d6f56ad3bfd26d11998086f47d8d982fd4ff05d5d725fb931b714ab28a1fb2ffd5ab73afa91639d5ac94bdd8bdb44e3e81ee994542b12b3984a499a20a911fcf3559525a726fa9cde1e838307e9e037f91126722a77d1896a02d17e05ba02be7c99dcd65b1d7833664d6b90cd3a93116f8bf8445796e5398c26dd1bf3fd2b38be93895cca730c9d5ec31af85e84514c24c56ce44a7f40c9303394bfa1bc3f6227bd89244c81370bda1183c34cf05a0bdb208a0308e25add1fb92021bbbeaa8b08ee53fabdda7352138a2af9c60e91828892ce7662e12cfb9a95e53d081b1f5a626e9bb99688d7dbb5e941e148b62222fcd2e0bc41fa27ea4bada63652a62a205bbe5dd3d534dce4e7400980b30fd820bcfc6d44fbd45c189d2fedea6a6b995395c2f3ad8dea3252ee2e5d935ddcc35971e87375ba371ba834b72fd3c456a56469dc777230706ac5400f550c49bcca293a7bd84d055f2a76f5daa8cee6ade46a4cd2fe165bec61f6fffe87f0a15fabc3575921224c78d0e4ac849e74d1c42a4a6330d76a9918ffe1f0e89afc0fef390a5629777bcde445bb945c19e77ef6759557c98f3086559fdafa71642af89e87842775ffd73a83c5af89e2fd0ba903cd154e50bda201360dff8da2370f236f9df73e9c20ae1064411d419a1da1d2423805e752861977d6c7ed4687f8bdb2d7b1dbf6cddc358c1165e6666d48bb687af0b73916bf36ac4633bd5c2c99676c12e034492f82c4fc8a728a2136899c0d9a6af8adea90df24f9b18df7423bb5f9813a2f1d090e7a9298d12b3842d25a5723da2968bbb7aace10c79e45223151773cdea9159ddff048dac0032b29509295d8b107989129043a2c30341f0e39e097b030d1aa4d205b98bba593ae0499b0a29c7f992e0e841bb3b0062bade8621a5016b812695cd52b95abcc983c4a82bb9511dc2c5feb4f2ea2c87113ca27df21c16f2e6ea67e4ba9a857df09edcbef69d50b5cf41df45c5ae4b2b72bfce583ba463c153ca146950538e67f9a265abe3b0c4e985c9ab7f8eb112d01afd06c827c26338e6ccb4436d088b89ff820db379a69e239d9897ff228b6c31d4ff7e"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000056240)={0x81, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r8=>0x0}], 0x3, "64c9136ca280d0"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000057240)={<r9=>0x0, 0x0, "42bc7130c2b3162389f89ccfb27a93b1706657bfa05eb60b99d813048294ccbf9562702165a35bd8a231fb2e20fb7eaa3b44498992855d779f0f529f53643ea7b864c76ebd6118a31733f76da602ef25b7a7e199845a70d56fb79b7adebacab6bb3f61fbda273f75d48bf1117613dcfb784b1ee6d1672a5dc28814e59424f1b7bfb43b0abe016f75032683211ef6c31ec82c4b66a6dff0723a9517af0231e0a58bd1210df1a05c99b2d9e9fbfd74ea32caeb7f7de9514b54c66de3850ca0c126b6d40484c9de60c0a2d4c84a7c90739c42ffb25bf6d4b68af3dba655c7961a7af476701c4ebdc386b046dabbdea8251dd626a3703ea3c1245ca1ddd1a4b751eb", "7f3bda14551bf69cca8870cb8b66c0fdcdb0008cf3e7f657583e09c1c895cf06fd8ecb80a01f5651c085eabb1bd2ea9f1d34b102bd32eeea92747b3b7ad3dec6fbce6d8416958106516f3cb289df51004aac1dee6bf4bad4829358397efffa3956fb078a206a09c3d7ca0f2d68b55a0edab8f8b499824a06faa37be2e1413ae469666ff626764660dce8267e548544e250319300f11b8ccc62b04703fd0cbfa9300792c546c8cdca81c473d0a2bbde145eccf38cc806a0953672116eb34695f85be3999efc5e0e1b978ca37327afe94a5f29ee0fbc2e30c34e476f7b55066740c7ed1203cfd2cabd6b1d0db11b5a1dff3859bcb265b59f2eca6318b14945f3d3578212809c7330c85dfede4cd02fd39344fa1e4a44a62631e21f7dcd1bc2d311dfaca18db36efc367614070c72bcf4c83a95743c504d0dc4b433a9c00407bfc203e6471ea43d0229a01d876892dcb36a37a998fc29ac1715083422e2f4455182c3fec3407863918a86fc260aa9e557badab5b21324f87e0d466c96cfc3cb267b737d13d056ca7d7926f521261d268bc376eec3e79535c8e5b44026cd37b84db39fb24a37172513fa73659f6cbba4ed592d8b776834fd6347a93b8e298be21cdaee850c696154f8b20b4a4e0de7ff657bcac30df6618472f4b0bc7d5b32dcebf40961996412e2b152e1440a8e438251cde6a6de843d65e97abf9cfdb23ced7b2bf0d8b655643e9e9b2b3f4d4a7b35c571bca8cd67460956b6d4fdc00503a433585d235bdfed196e70ae72931a101b752f07b3622c818e1552fd0c2f8101e82d1016f859fbed9728c8a25c58c7972aaa3000a6a86c7a461bd4cd576e7372458733a612beee181f48e29e79ffae49b5431e32c38bb7286ebbe9c890bdefa078eb5548a53553327b4a3e933027b2a1ad6a43af2580d10345b410eda1319cf9fbed8691e473da7c173b1a55f0f2afad89b89760bda0b52bd2fa958dcc9e1e6cb6de4455351597d33dc13b11b868f6dfe6f0f692e63aa6ebab5af256872c304e21e3cee23ab9346ca7e54eddd63bd2e077be3b269d618b7f9eaf14022848079a022b82d4796b254d0a2f6a3e326da06e1b02daf8e4657e5b05d4d50d3dad0191112e21545547cac55525ee427870e7b5edef93824c33180d1ddcbdb71dede820775b3c1d1ab632ff4b4b806f0bbe4adb1fe8656ad3aabfb08dc5f22bbb0ea20d8bfd02b2132644dfab0f78d3aca43ea346d9cc2dc55c02953f512a021b461b701cc622cad4513e2624a432fed09c30ab944126eabde286a0403ffe723cf12bba616f6d29f743250e056e552d750ac379ad6624302ae09c87942d444e77d3e7f5fe0b7c9623fe1819bc5c8192b3d64703c371b8f907483990514b08a7a8872cc205616474a6b79170692580e878ad4957dae45abda6214f69358d998f03a4728a2d2b5eee70d478b19298237aa19404ac885b590d4be2a023b052d8a5cd5cf9828af5f05f054dc6d253b7df1f5b4a9400f68df8e4624ba84f384ad5aac0d3a3c3a0e1f9f41bb045fbbe6fbd02c2ac306a724442e2fc9ef497e8c50b1d6dbefb38574ad93e21280ffe4f28f13279068ad7d2fcb9ab807a6d4e3661e47693b1a8e3d79f37f089a4491b04afff9d95365736e54ccdd52d00d2cd3b77a23f2d519d18d9a5571f44b8cf1dc909e25bca04895665927014d163be6c2ada3cad9ce97d0901e00c36ee19f9bccf76cbbd4e261c9c381c3d3f21db2687d5a6251150a276c0ef18b95d2f5a7bb4da8fdf39ce5a29d92c48118af578bad6257913221915a7454461753e30809e67a54fe38982b351fb43c58b1c8e25004aab2826f018bf00bb8accb08e23e3b5dee5eb63910ec43bdf738188d79aab39722d460d664b8c99b5e4c56f339e96b750348727ace692b31b82dc079755a62fe4aad371e54bca473296f418bc4e22ecffc652043d8a0d2c173a3243bda49f8414d224352edf7b979b05f4500ef24b40c37324a45ce77b6696d36a218323a1b167f7c1671d8a7d56ce92226ae88b5fff1e18bce7adfe782dbd003f102bca04695de2bc349d6a6d1115536745833b16426a7ba2ade951db8dc3e3cd0ed193f1ae380dfa78e7046a9639635ae7119160014b2b08a4f5ae804e0b0116037740b5fbbbf4d9011b2afa158b499a7208cd1a86c0457ba7892cdd8e54ab68919f1fcd083395e99e5b5c6aa95006bf5baf1aa73fbda72cbad9c760c3c42c43c5b8d75c74062aed920b193a864040d8f62f8f2b1ca297ae2e861495e3749a3e821554ee00eddecd162b50581de046e0ca786bce57c27dce4d13795076cf8eef02649eef459c519ff8d19a8490b70c2b91480b6a72d8cbb1439179737c8e28fed8b3599b9a780d49cf64308a3f0778cd5f3c34699c70d6b5c429c9bbe8c913d505668780f6e8e423da546bf9b08507d97e3154d902b985d3eeaea4f444e4110d12c6fea86578cb6018419afabe64631abd9775dd0cb2e70d980e1d5ca17c85312f1412632d3dc2ce47d1474c9928b1593548300fd3c4c4d634cc20b4507a1ebaae436c8c87b09a81284372a9e68f35b89f80b81889d8a960a7ed817807e26c43ff7d8b412e1563cc3e0a7c3e21b2dce6a1f51352114e95092761664314b2895262eba74a02421caad0489bbcdb27d50f7db396f356a53cc15799dea25360a5d2fc599e6b1903eaa3be66d37a0b019c3f7e254853cd2b88b5300695d663043895032cf344dca01fd9188f1d122960539731774911ebcf0035f5b5f7e3a6c2e37f64b5e3644e4743489a0ff311ee7ebe2c915389737fbd3be86165629810ebb74a9722d1d8edd4ddba02cd293c904ad8621b05113e6cd99d6fbdffbc019092cf849ee138264404744f2a228b742b339eef19bb73128146f9a97b454a75099967c284ff4c996db681f9739e3932c9a4e2633de95aaff60353486a7a1eff6dc95d43893371675097d22248ac5818b16a3c535590dd8c8c5a1d08c1ec8aca4923c8e05de1aa0e0e05289725525c7bce5e4dfb5b30062e0b47bdc333fc262911869067af9c819e26eb8fdb1db40487f25a2001821701dd29c030a57d85c7963e384562f75582bc5af7181bc04a411b17a4dc2fc592570fe7744e4d5f2d250086c39fd6ad866649feca9c1760460e14c4eca2aef7d0843b26cc16905c145f6ae17c6ec0912f42ce0fd15d33bafbe9f24f1d164992a38c44b1b986214c7b41a5cab848b11575a0abb77a226dd4ed8afc09085f2fc1d24ad5971bba3978f4de743d3e08a456a03c6afa6569d4fee73efafa1073e5f3d9d84e53f28a6fa818937e16dbb1f5293c92c028c2636c890574dd64d0e41bdaff107e1a38a46b306508f994379b6c6867f40bca4f2864da093923f3fb7dfe288ef17dd3d3db5c634506acf6ec18fb3fc7bd8ddfa5c9e507a6a60cb9463e2fe768b40a76d04c36c99e2c0b695f9e1f7f0d592ff38c8d6eaffac4e8491b1ee6570aa8930aef00407c278d55cea0f63e1a6ddd5951041e1e96fae900275cd31d894379bcef3b8bf3b03ee962756abf9f07963c9d3f1170d5f72f8e6b6c7dbbece6d98310f998868e3a4fd24cf688b3197586e769e4d0929fb1698d6b061e507a295f878c7ab8af1823ccd130beed88c4e4a436991cda6454486c05ccf3fc6b9af7df13bb28354ecb39607f4fe5b25b0b08c5b2c62330ad8c3dd15423c9ef3ecdfa3b7afe99c532216c4507056f345482fc132554838f88ce8ebcda332d3327b428db797551c4f9a4a9247e42bd5abd02fe75285e3354cd4ffb9d77d050d85056e59a77b49032ee335f25a613d61689c86259d005a249f394e321b6de76a6b3f3b05c9ae68a10944f5b3ac50d0c12fb7cc70119b69933872592d8a25cb41c9c516f219be8a10ec8521bbc24fb87b8c383b90ae1a0a87e17a9a7b5c6dcbc966c42b70873655e6fb7ed5bbec5cda3b1dfb2426895dd0712b347d87b6be9f0d3b778accd95cfdd321ef2cdd669142ea5f4fd008fa9855617cf0f5e31e1961d619b809468e05d65326bc068a8d7e64861bcfcc93aae238d856908c72253ce6dfcfceeae9509637faa52f9087e771edc12a054429ae63279bc33070ef642100ecf63155447e8bd703dc800c26c31187236d77e55644573dbba98f78be81e79533140b1dbd6c47b50bdc475678f1c8eab02cd7a92775a9f76f49f7739d3020be3ba3164c773d7ea3e46b424faeb1b4b1611131b5ba4676535b2756f58945eb8098910240ab87fed8a7490eb6b98859948cc17db192caf7b8d6af3cff9c1c9dd41c6e8aaec6e155771f4b5e047d4c0303b5bb6eb50103866f1ecde67e71fa70fe9c19836bdeafca0cd08522f6f65d13a89e712d2e58927e7d4fc51b5ecb7d7917002c37d407a4c98c0e20b804e48945701dd00a316d0061f6fd50862eff7134463044ea2d54d4aa8bb1413a458996e4a572016727496ffee341149046395e97d3c2d8cc9b3c92761ea28d456d3e02700fd979348ba8be00597d491106dc8382414ddd0cf5e68206da92a85d1580b38042cae3c48768d9de7acfe4a0147bbb3e57deacfc7b50d76f465a8150bbd41d9723f383d2d78edc75b79c61542e1d41e497e3dc63cf6d41ab9292f571f93d6d71c12c68b0f993217b34257c48b88e269d6719922fd7590e040ae7c9e53f5a0d5a0f3cb8e4a03bc74b7a065899802feb336d6ee4e6648eaf6c277863b39a1ac2cb321e53e5f38d7a195d3542ee50812c18556253981f38171c8f59d4f6c7211b25e4933857c88211bf517d88bb335142450ed6d1fb8ac8a35658f26c36321b5c5b6f543b7910b6b2a52bb6e5cec1fc4825f1e0e98c2400966dd21520416daccaa1823312b8c595d4f7d79ba383388b4764561991827b19be845380294fab845ae8185d1d99a090c8badf312334df3acdaa500289deade80f01c92fef75280beda90f71d3e12629c3fefb098b02402ff51e841a24e917461aa389841c7d8ae12ed907f55bc1ca03c48f573c127e308b24f2a4d537866e65dae687006cd2b1ba57015d83e13b474d02f56344df3d727f8abb95b243056bedba6b2fe548983841e49c948ea09a90ab0502c75ecf693ce0064363d32094918b7c42b0a633f997d8dab0a526e0152ada2fcff32e96d492e3beef32431de71eb9e788ceacdb9d387f54460aca3586fc8e5f126516d8dab82c8c4ae788d79747b070bf75b0e9ecb52f1ff0b4630e07e4c67f03ad97208f0ceb25e1b1be6ae6b07a6f61060843a867c1c0b7722623c2ff7b7bb581a406584f2cb891285d474afe754b547c207b68ce662f731c6169b1181dd6f252edc035ae8693c17bd84e7f2dc89fe2a1885ef830529004e7fd4eb091c5567420c2a5235a1e736016d50251a84c1aaf120f9927fee40b67bd98a9ceff3"})
[ 2998.002093]  __x64_sys_mount+0x282/0x300
[ 2998.003118]  ? copy_mnt_ns+0xa00/0xa00
[ 2998.004096]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2998.005414]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2998.006705]  do_syscall_64+0x33/0x40
[ 2998.007630]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2998.008909] RIP: 0033:0x7f01450cdb19
[ 2998.009845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2998.014440] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2998.016206] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2998.017700] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000058240)={0x0, <r10=>0x0, "c494ff4a58b018006beaf19852a8438636207914976a58a267c7070f26007e2469795bcc0b896aa51c77fcc841a37c2f6a0783ceefc87ce6641ca4746b76e38de3aa7bd03c62e904dce2bfb37ce22d5f5519f17366bcd13b2c1b4efb09a15abfa768ad8ca62f57af7ce694b6edb14c1d9ddf4c89f3a7dd147756317fb1d3ffbd2fe6d729df7a028010a84ea063378d229b0ee8eb376f9ba06df9e5411ae8b92c1d4a7fdea38639b8827f553c657f1b11a770b51ef3d65168c1153f5fd9db1be7ba907832f3dd2792825f48e811404f2b0777e450b977387c6f62e897fb9ca5059a9f45a0250b7a4f68bcd247eb2e26106f9d045346862cc9e6b7a476747a6fe4", "5d0d88d3c15f820b3dba696501db742db06f5bb06ae8ac8d4029c70aeebecf6241ec467d4533e71dc32bc73dc61adc3a82af133bb9d06aca742f27012a97db0d50fa0b6dedfb3d5bb829e04613e418f86fa8635b94bd3706ef0a3bbed412546d7bf7eada1a05750658a51451aaeb1d54a3207530bce5b9199e0006681048a8428c237135891ec9c532d25f76fcbd62d045730eb6f07435da2d124ed506ae85dba1bebf65df00199c3eb1e3cdaa536eb70c89264ffe67fa0dcfb1e1872709027e54e945c85073084520dd25430c2294028023c18f86ad9d46f75418e7453b67fb1ed6359443f491c424c6f354605eb5e0aa2518d70462ee9147f7d283db5731a4bbe02ce823faadce3f88f657de09ceb45cb8f6f20fd81c06f22f96f2642bf3fa1c337485b0b968807849461c7130caf9b5768d2db347a13742ddb089e7b83ad6cd029e54f235a9f4666323aa4784fd961665e1daf8dbfbe56281ebcb0aa7e462511fc164c67faecf59984ec1f4f58b6804e54f8d41e20d852c592338ba2346ea602d8a1a4c34e1825a417c35d317cb763254a05799a5c33e30a9b5ec5aa738330ca75c1292d233e9571040ad2b1fa0f9425d90fa91fb4f14a6df0ba2751301fb5e3ce1d5cce5fbb1fa80fdfe2506558c72fbc7593fa7a588f6f4dde373f3f9bee2fa2541a02efc3ea92ee23a82532452328d71d6013cd9d3df0d801f71abdd9384315ed05983b82af7c612e42b4c0d5098923195aa383a0ca81ba3dd126e8100a73ae089746f200518337fc2f9db1043b4946bf0f412a1ff7c14ee4cb711756b1ec0f1dd966f1ae9227104c1f885bc8e1d532e673aaada2069e1d3084a1fde5ba49e38a3397be6389fcbe7eca67fd594d2acd02c4d730deef920a23c7fc358cd554a6395c028ffd1b1f496ea53975ec99a736944eab6ff56b18243a7cdae251c713dc28d53d6017b6711efc8d1729fa7dc7003f1cfc9d922f392ce15c07f8d1bf02c38ab000701a8b9bb30b68e9368a41cd46c9dba85fe99b200e90e47cd49e2b0e3305078096cd75a556ad9a0d5c33f31f0b016b5d5092a50f804e8e9082fc611f2f351d61bd91784c3db2b73e062ea1caa815d37549087dbd84e39ee2ecb623add5a8208b27d5aeacd5eb0ffa671022468c9663712b5185a301ac5fd60d72f19e928afe485d7c6c66f694faa6df220903698f540840161e0f5f5e0192a2a786e4a3c5262e87919a85f39b21119d33a149a90487c5682d96836bd4b189a7af1c8463181e5b5f38538403d146d49bd0d43e37816dd626042ae627d7ea28d6d2ccb38c75c7994ab66bad52d8a2ccb453b815217ba684fbc63fd52ddfa70b6d5f0c79dd4ca717e9933bb4153c30a4ce8920140ba798d0d8c2e01ddf4eadad47dc8d2a6efb9d29c0758da2f36bc2613447b36503bcaf63b479d801042c580d909d0e68d0243e9e8be613a90a62f0889027124a2ec844c262f80f79065513e74dcc126fe804d4332068b07d9d7734044bb3d5d01379a29ae3a744ec7b1d1a3f96453fc4aa96a9533505f463c6a9d1822b30abd8ac029ecbe59b7d3478fdafa87007652ef06f278f8aff828f3da202c267ac20a9fdfe68a9df421354c3c4b21931a7a74f52305b79c5b9a0ce8f8b72728dd2e853437259387b5709a278cf425e3b4dcce35c00e86f74b83b3b32376045e1c8b80faa0020653b414478edd77a90a27eadabaf651354e885b2ee43f847a464aa79c98ca213d7e6d92545d7dd38763193ddd64d67aa28dde3e2398c74781389e173c3beada70d2f3b9db1dd6046b4b2fb5b9f9dd8fa0f7b7afae70d914372081e540ea7fd20dc30bb2f309a666af96a4f29e5c4ded8c4ecee93b2746f3e4a719f896939b3bd241cbb88cf0e71f4089266b218e52b0a3958595cab9a151a666389544ad605e409f5ea1574a2553a648e8c5fcb0dc9644c6d5dd7baf7202bb5d711d21d34c3e46097f8ad0762dc84ef788b4a06522e89908f7deef93fc3cf193963ee23e5b5b186db5b6ca27adf618fe57f618aee41cab6b4d7be00376376117034512672a019387592c79a9933ca12ed78bd6bc4c03ea806d5d738140ef907c453c846a0272a7b727f092ec30571ef43713eece19afd73104a5d29171eb1d44715d20567bb3dd03cf8da0a11769d5ef656a500397646e1b38ae8e08a803cfb087b108d1b345de5c5bb4028c6a4aca0c10498315b4f050a6f6c6f347ccb0b29728a53358d6dafa197dd0c62f1220c8626feb9e854d6ed7da9aa6e7c3ad0d3284055dbb5c5848eceb3305a60d7e222bb0361f2346f14a47ff009932fd7a2edca8ba0c67e93428bd7446cd6ee000b176971f981ba1218f714d958664a8ea6d0c0935e6b6d8ff4b96d47c46a5a064a03556e693888ca8f18e68ccfbf234c5c618cc081481d8d7d0da042320c36fde70bf628e56341959a3f9427f812053c9c0631bf1e12bb5a3d6a0dfa2a2a9b0cc6183aaf7b931a870ba0f035234d98ba45880fb22bd4726f3ad368ca19ecd5e8697ced2204092e16401ab28878340c3171bc8f17be564f1069eb8232f803c6b7f510df79a616bfe22e99466b88a994110e59015b4ade14d37f16fbd384a24701a5414cbd5060a09d37967d957a0688d769459677aab26895fbd40cb9475c4bec71859623abe5699ecf940a39ae1758021b642ac957709a318fe0d52b1f3a2d86329c4819b5868b4d6c1778b5d82f4b4d4e5588f90b52cb7ddf3d13c0521774bc72bf7337556740888a3e11c69470047f20b076dec2a40e9ebe990ed0a244618886b0e009104c45d6f1c97b0e29ed035719acd3080af2a8158a0ac78cd50f84d1c18b8ebd092474d9e3cdf97bd9136a6ecbef519e9d9f88c038827c4b91c5c8681bc56d8f23b6b2b429f18830881a24396e7aed21733a7bce2f8890455002cd400b84a9f7c51a1b1f4f11f2580a3017c5a10ce52331fcc6d71c9a1bc574b76ca992edac829a37bfafc0e2273630adc965c38988528f55c85bcb07c3766f8427ff74b84bed1cbafbeedcdd87979237d6dc197c9e013428f09dfca569b589c6de0cbecc253f5188cbe9469a40419a43b6f8916c0ed27ceb13e8fd0daf45c24b107d59d48c87b2f3a7926b4ce6be3ede42559fab0fc9031b3cd51748e142110547e691dbb3d8d0f71323332e890863c22c0466514c90df9edf9862c90dd7d517fd0e7e832ecc99c514b11c9ee41ff31f9e2bb2922edd2876a469835105bde63319b462114dbac7266a07e92f1f4c0ac51214c9a885fed731343fc1ca43ca4cbf081b4554a3d284b4d015fdb3a09867554f59463d43b81a707458894d0c1c82a54cddeddbbc50c64c83d2780ccf3f130d61a22192afd8670c96fa7339ac4113069622d2a0ab9c5bad7c18767d904baa7bc599abf3dffa436bcb65da5f108f9b58efdbecf8e64427f40b2f374310f26f1de7ec65c017700d666c3b00327dc4e3d1556c39de196f431d784b7f7a93195c4b2289b2f04c274a2b89936668063e0a8abac3eb25deabbe6ca9fc7911829f697917535acca51b596b38a3041859984281485ea0be6b02175aec3bbfdb8ee60710554b64078c2a2f5532e3fe206f363777cc10eb25c9744478ff2ea7a517aa2deab24a64e8f0006ed5b518a0f80fb1906c4d98d5b9a1a63b2d1826093cc87db7401621b8186caec52cca5a10b54075a7ec3700e4d4fa5cec8f5a681672c8e52fed0408bd3f6a49f04f1ccc54f45850f4db658d778f21c38f29c0b0ec0b7a346b474ff4adcfc21ed6d77bab9106c2e05e67bbc12e55fba5146e7b0a77ccb71acfa32e90e8d21c1830eecb27b9430885b9dbc77aca0252a1a7cd163d1d2768ae72bd3718e5c220a8b50b69335342e102ad744a9741fedd68e2360a6670fdff9865e156d430792712c4bf0a96a1e2d70c563785c61f700c06a415547f4d4459f3dc0979d9cabf80d7ed3b43d9495f214131179dbf2fe08f3f1dc6e7ae30d4eeae1479dd5bbbeaeecc8f814e167788e738bf65d1541628b1c10781f8f8372a006373bc70a3ea224a71351ab57aef07149d85a45e84a4d6e4f663e9ede6e8f4d543853617e9a303b212c380f8ddb92c30af284991762a0afa31705a56f5fb6430532616e03f25fd7df904b369928b3fc5b6e373528549419256c3b6ed696f31af2a459dc101fe721e162588b6f45783d949b00c810c7c9532e254c4b1432488821b931b8de91d79dab9be3eb78966c9787bb508d019b9816e8c563113dfb0f38e8b7e631df69b11f920c4adabe4c5818d9af145bd43cd16cd5f06dfde31d9c2d5362a4e23fb8636f0097d005054a1bb194dc53165a3a7e41ec3e55586c343ec788d9c539140af7c17c95aa76a5e164712e928df4db8819a969d39398dc727fa1840b1c6c92c10cb441b3c3034fd1090b242f4bc0b2152452461dc115665567dfd1bbdeaffc28c2101045ba6dddc07583b0cbb5146f30f6c77f68bc2bf9072d0c66e99da84065f2a1b69073562f7edfb25c0cf63afc5e8d7a3b9161cd962cf43bd8d06f9951aada5f067839e00fe2eafb747067caea5d6f8defa957ff0dd671078f936c4154e4be6ef2321718116377ce986f70898f5783f3d59e38effa384e0fdd3c2f50d8dd98ba03553c1dcb4e673e3dce33a244c4c86c70d8f3fb823a18cac4d3e1fe69625d93f0e4dd1f78784e2489f11e1b8edfdd8e897c6833d7d8c0a698bfb0c4a5b75d88cd3df5e98ea0634ef1601d6fae34f8cd50a0f651deb4c15df78da8fa37e31b8ad6b5c33d02faa0ef67e88378cd8ac1cc1e82080bf72416a849e5c6e95d5d0e32d019d2ffaafc487bf3e334baa1fb31b602edb33451eb0e5f65f8688bd02edfe390787d9d927296a0975d46b2eaa3f10fb12eaf02daa11ee5ea97d300799e83348d8d3db87c879e3e13331658e49f192ac54416174f9f303e34c7d2e5641a9890ba28b9e5da9f9a7cf9142d83a4f4946185f8d78677c8a77d00f9de737cef2f638420d4d117ad35a97e147258a56cf6be273ec313b4bf6859e297ab44c22ce5a9cec9636340fb77ac65c59cf2c633b58cb93c2ff252c10070debaa9fcad667c89296d68e0c9436f4861e94db1603ecd464e314f33e59dd94b06d792fcd85f538ad99a7bb49e36cd9a0c0ce97d36094ff07b43b2a75a9e28f4510bcac23131f9c263ee870e5512d6aa859dfc2124db9efb7126723e34e8c3d154b81d49c498bcad4bac635916b55c3df1f2ec4413e9d749b62310591011141aabb4c9d973f65732c27532ffd3e3ad4314355885169ef1c9524fa2a40ee36670faf2e21280a7af2a6f80b2f4d8c423e00ae9dc41165ae218f97653b3ec08ac006596bd6ee996954af1f84e0705567a0489f633dad209696af5e5ee6afe0ce80d7aeeaec3027fcbfc36601f"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000059240)={0x0, ""/256, 0x0, <r11=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000059440)={0x0, ""/256, <r12=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000059640)={0xf476, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r13=>0x0}], 0xd8, "a0e97679b5c167"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005a640)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r3}, {0x0, r4}, {r5}, {}, {r6}, {r7, r8}, {0x0, r9}, {r10}, {0x0, r11}, {r12, r13}], 0x21, "7b950dd4fe1004"})
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 2998.019189] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2998.020800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2998.022301] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 2998.038112] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=74384 comm=syz-executor.0
11:18:28 executing program 4:
epoll_create1(0x0)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000000), 0x5, 0x10b480)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))

11:18:28 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:28 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x68000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:28 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x50150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:28 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
syz_io_uring_setup(0x4ad, &(0x7f0000000080)={0x0, 0x6514, 0x4, 0x1, 0x81}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000100))
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:18:28 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:18:29 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1, 0x1, &(0x7f0000000080)="d5d59a41dc41dbda97752b2e2f5521eccd415d94e4d7fdc0f71dbb23dbee78ef2756fc5cc921ccac94a7de10f3f9a638a754717c1fa6e1797240a45f6177eae0767c", 0x2, 0x0, 0x1, {0x3, r0}}, 0x5)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB="0168cc2e073b7c1e1237be67", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c65302019e77d80d1419dc406a16e40bd3b0ea42f1024305b495ea018d303d6d9903dd1c6777b3c693a97a6cb8a7d7a01beaa9360d4cac6445aa4aa07fdad55bd3dcd00"/102])
pkey_mprotect(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x1000001, 0xffffffffffffffff)
shmget$private(0x0, 0x1000, 0x1, &(0x7f0000ffe000/0x1000)=nil)

11:18:29 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1a18c1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000000)={0x1c, r4, 0x301, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRES16=r6], 0xffffffffffffff05)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000000c0)={0x244, 0x0, 0xe6bf16a61560cb51, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IE={0xc, 0x2a, [@ssid={0x0, 0x6, @default_ap_ssid}]}, @NL80211_ATTR_IE={0x14c, 0x2a, [@dsss={0x3, 0x1, 0xb7}, @ssid={0x0, 0x6, @default_ap_ssid}, @rann={0x7e, 0x15, {{0x0, 0x49}, 0x7f, 0xff, @device_b, 0x1, 0x9, 0x6}}, @channel_switch={0x25, 0x3, {0x1, 0xd}}, @tim={0x5, 0xea, {0x60, 0x23, 0x80, "54d3552f48a6f1c6c9911e19c7a9b3fbec237a67042f9450fb78af1db93d04cce4060ea77d49e7c6bf84fa74f0f110566b724cee0864086e69b82bc3bb572c66451e79dd84ec5565293dbf0f4fb7739dc504ace93eaa162566186ab1fa16d1102094082ad4399f7e5fabfa0110e1d1917353bc20fac9177470a96b672e220595f98abc02661cfb7169b91a0a6dd93d70f173ab10710dc6b334c51ab8d4476776018880f5a3d02749d4e46e3fe5083f7b62d0a059b0f7db84eae56711ace53f11ba7cbb0cedda0492065ad013e795308868c90a90fc4fb9267ac30d5d366ebdf8a66a8d838aee3a"}}, @prep={0x83, 0x25, @ext={{}, 0x7f, 0x0, @device_a, 0xe909, @device_a, 0x7, 0x401, @broadcast, 0x1}}, @sec_chan_ofs={0x3e, 0x1, 0x2}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @cf={0x4, 0x6, {0x39, 0xc6, 0x165, 0x1}}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0xe, 0xfa, "b59750b2b47399c91742"}, @NL80211_ATTR_FILS_ERP_USERNAME={0x6, 0xf9, "d0ef"}, @NL80211_ATTR_FILS_ERP_RRK={0xad, 0xfc, "bf3d05450d4468e9128c1eddcfdb1520447b1feeae8affd6483cb6dafe369292d25d7f338ea5944e4a280354e8070c4484a766309d91079871025f6c94af42a7bf2e9802f5ca88f8aaecb3d3cfa348ce50a93b73db5ad78e544df7b7d9bcbd6f34daf0f45bdb351632e796fd866ec0aa9385f7ec109c2f2c356a104f18115dddb0562615011bca5fd5c4a6c13f5bbff93aac762635472d31b8abcdb2782fadfbe98f4b9d2b34f9aefc"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x5}]]}, 0x244}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:18:29 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 18)

[ 2998.441075] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=75105 comm=syz-executor.0
11:18:29 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x51150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 2998.529103] FAULT_INJECTION: forcing a failure.
[ 2998.529103] name failslab, interval 1, probability 0, space 0, times 0
[ 2998.531183] CPU: 0 PID: 75225 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2998.532471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2998.534053] Call Trace:
[ 2998.534548]  dump_stack+0x107/0x167
[ 2998.535220]  should_fail.cold+0x5/0xa
[ 2998.535922]  should_failslab+0x5/0x20
[ 2998.536626]  __kmalloc_track_caller+0x79/0x370
[ 2998.537486]  ? v9fs_session_init+0xe9/0x1680
[ 2998.538296]  ? kernel_text_address+0xf2/0x120
[ 2998.539136]  kstrdup+0x36/0x70
[ 2998.539742]  v9fs_session_init+0xe9/0x1680
[ 2998.540526]  ? lock_release+0x680/0x680
[ 2998.541275]  ? find_held_lock+0x2c/0x110
[ 2998.541919]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2998.542804]  ? v9fs_show_options+0x690/0x690
[ 2998.543627]  ? trace_hardirqs_on+0x5b/0x180
[ 2998.544451]  ? kasan_unpoison_shadow+0x33/0x50
[ 2998.545381]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2998.546328]  v9fs_mount+0x79/0x8f0
[ 2998.546985]  ? v9fs_write_inode+0x60/0x60
[ 2998.547750]  legacy_get_tree+0x105/0x220
[ 2998.548510]  vfs_get_tree+0x8e/0x300
[ 2998.549203]  path_mount+0x1429/0x2120
[ 2998.549913]  ? strncpy_from_user+0x9e/0x470
[ 2998.550722]  ? finish_automount+0xa90/0xa90
[ 2998.551514]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2998.552374]  ? _copy_from_user+0xfb/0x1b0
[ 2998.553162]  __x64_sys_mount+0x282/0x300
[ 2998.553926]  ? copy_mnt_ns+0xa00/0xa00
[ 2998.554657]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2998.555646]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2998.556610]  do_syscall_64+0x33/0x40
[ 2998.557306]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2998.558255] RIP: 0033:0x7f01450cdb19
[ 2998.558948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2998.562376] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2998.563788] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 2998.565121] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2998.566443] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 2998.567775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2998.569119] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:18:43 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:18:43 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567f", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:18:43 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x52150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:43 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 19)

11:18:43 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6c000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:43 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123ab, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:43 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_create(0x7fffffff)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f0000000000))
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000100)={0x9, 0x20, '\x00', 0x1, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0]})
io_uring_enter(r1, 0x38ca, 0xfb7d, 0x1, &(0x7f0000000140)={[0x4fc0]}, 0x8)

11:18:43 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

[ 3013.138829] FAULT_INJECTION: forcing a failure.
[ 3013.138829] name failslab, interval 1, probability 0, space 0, times 0
[ 3013.141275] CPU: 1 PID: 75467 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3013.142752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3013.144527] Call Trace:
[ 3013.145088]  dump_stack+0x107/0x167
[ 3013.145928]  should_fail.cold+0x5/0xa
[ 3013.146757]  ? create_object.isra.0+0x3a/0xa20
[ 3013.147724]  should_failslab+0x5/0x20
[ 3013.148553]  kmem_cache_alloc+0x5b/0x310
[ 3013.149434]  create_object.isra.0+0x3a/0xa20
[ 3013.150348]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3013.151384]  __kmalloc_track_caller+0x177/0x370
[ 3013.152347]  ? v9fs_session_init+0xe9/0x1680
[ 3013.153235]  ? kernel_text_address+0xf2/0x120
[ 3013.154229]  kstrdup+0x36/0x70
[ 3013.154912]  v9fs_session_init+0xe9/0x1680
[ 3013.155555] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=75461 comm=syz-executor.0
[ 3013.155773]  ? lock_release+0x680/0x680
[ 3013.155798]  ? find_held_lock+0x2c/0x110
[ 3013.159980]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3013.160955]  ? v9fs_show_options+0x690/0x690
[ 3013.161931]  ? trace_hardirqs_on+0x5b/0x180
[ 3013.162809]  ? kasan_unpoison_shadow+0x33/0x50
[ 3013.163788]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3013.164823]  v9fs_mount+0x79/0x8f0
[ 3013.165579]  ? v9fs_write_inode+0x60/0x60
[ 3013.166428]  legacy_get_tree+0x105/0x220
[ 3013.167281]  vfs_get_tree+0x8e/0x300
[ 3013.168043]  path_mount+0x1429/0x2120
[ 3013.168844]  ? strncpy_from_user+0x9e/0x470
[ 3013.169755]  ? finish_automount+0xa90/0xa90
[ 3013.170660]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3013.171615]  ? _copy_from_user+0xfb/0x1b0
[ 3013.172486]  __x64_sys_mount+0x282/0x300
[ 3013.173356]  ? copy_mnt_ns+0xa00/0xa00
[ 3013.174168]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3013.175237]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3013.176314]  do_syscall_64+0x33/0x40
[ 3013.177078]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3013.178166] RIP: 0033:0x7f01450cdb19
[ 3013.178953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3013.182889] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3013.184457] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3013.185953] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3013.187422] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3013.187433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3013.187443] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:18:43 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x74000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:43 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x53150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:44 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, 0x0)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r3, {r0, r1}}, './file1\x00'})
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
ioctl$NS_GET_OWNER_UID(r6, 0xb704, 0x0)
r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, r6)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r7, {r4, r5}}, './file1\x00'})
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2020890, &(0x7f0000000100)={'trans=unix,', {[{}, {@posixacl}, {@noextend}, {@uname={'uname', 0x3d, ')-\x16}-'}}, {@access_client}, {@fscache}], [{@obj_user}, {@smackfstransmute={'smackfstransmute', 0x3d, '@'}}, {@fowner_lt={'fowner<', r0}}, {@measure}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@seclabel}, {@hash}, {@uid_eq={'uid', 0x3d, r4}}, {@subj_type={'subj_type', 0x3d, '+,$:}@'}}, {@seclabel}]}})

11:18:44 executing program 4:
r0 = epoll_create1(0x80000)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:18:44 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123ac, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:18:44 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file0\x00'})
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x402a00, 0x0)
dup3(r1, r0, 0x80000)

11:18:44 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:18:44 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, 0xffffffffffffffff, 0x8000000)
r1 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r4 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0)
syz_io_uring_submit(r7, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r7, r3, &(0x7f0000000080)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r8, 0x1, 0x3d, &(0x7f0000000140), 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000008, 0x10, r1, 0x0)
syz_io_uring_submit(r0, r3, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd=r8, 0x9, 0x0, 0x3, 0x4, 0x1}, 0xffffffff)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:18:44 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x54150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3013.806630] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=76254 comm=syz-executor.0
[ 3031.506251] FAULT_INJECTION: forcing a failure.
[ 3031.506251] name failslab, interval 1, probability 0, space 0, times 0
[ 3031.508274] CPU: 1 PID: 76402 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3031.509277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3031.510485] Call Trace:
[ 3031.510898]  dump_stack+0x107/0x167
[ 3031.511422]  should_fail.cold+0x5/0xa
[ 3031.511969]  ? p9_client_create+0xaf/0x1230
[ 3031.512588]  should_failslab+0x5/0x20
[ 3031.513140]  kmem_cache_alloc_trace+0x55/0x320
[ 3031.513805]  ? find_held_lock+0x2c/0x110
[ 3031.514395]  p9_client_create+0xaf/0x1230
[ 3031.514993]  ? lock_downgrade+0x6d0/0x6d0
11:19:02 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 20)

11:19:02 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123ad, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:02 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))

11:19:02 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7a000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:02 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x539c0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl(r0, 0xd3, &(0x7f0000000000)="cdb50c70fa59ab4c8000a4be5682333f4cd466a2786d34f915c8")
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:19:02 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:19:02 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:19:02 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x55150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3031.515592]  ? p9_client_flush+0x430/0x430
[ 3031.516381]  ? trace_hardirqs_on+0x5b/0x180
[ 3031.517009]  ? lockdep_init_map_type+0x2c7/0x780
[ 3031.517715]  ? __raw_spin_lock_init+0x36/0x110
[ 3031.518378]  v9fs_session_init+0x1dd/0x1680
[ 3031.518997]  ? lock_release+0x680/0x680
[ 3031.519569]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3031.520255]  ? v9fs_show_options+0x690/0x690
[ 3031.520886]  ? trace_hardirqs_on+0x5b/0x180
[ 3031.521511]  ? kasan_unpoison_shadow+0x33/0x50
[ 3031.522171]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3031.522899]  v9fs_mount+0x79/0x8f0
[ 3031.523443]  ? v9fs_write_inode+0x60/0x60
[ 3031.524044]  legacy_get_tree+0x105/0x220
[ 3031.524636]  vfs_get_tree+0x8e/0x300
[ 3031.525170]  path_mount+0x1429/0x2120
[ 3031.525730]  ? strncpy_from_user+0x9e/0x470
[ 3031.526347]  ? finish_automount+0xa90/0xa90
[ 3031.526977]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3031.527649]  ? _copy_from_user+0xfb/0x1b0
[ 3031.528244]  __x64_sys_mount+0x282/0x300
[ 3031.528822]  ? copy_mnt_ns+0xa00/0xa00
[ 3031.529420]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3031.530175]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3031.530924]  do_syscall_64+0x33/0x40
[ 3031.531461]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3031.532186] RIP: 0033:0x7f01450cdb19
[ 3031.532711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3031.535358] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3031.536450] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3031.537461] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3031.538484] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3031.539505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3031.540527] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3031.541067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=76397 comm=syz-executor.0
11:19:02 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 21)

11:19:02 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x10820, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:19:02 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7c150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:02 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x56150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3031.722233] FAULT_INJECTION: forcing a failure.
[ 3031.722233] name failslab, interval 1, probability 0, space 0, times 0
[ 3031.723906] CPU: 1 PID: 76816 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3031.724804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3031.725966] Call Trace:
[ 3031.726341]  dump_stack+0x107/0x167
[ 3031.726841]  should_fail.cold+0x5/0xa
[ 3031.727368]  ? create_object.isra.0+0x3a/0xa20
[ 3031.728007]  should_failslab+0x5/0x20
[ 3031.728538]  kmem_cache_alloc+0x5b/0x310
[ 3031.729099]  ? kernel_text_address+0xf2/0x120
[ 3031.729732]  create_object.isra.0+0x3a/0xa20
[ 3031.730338]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3031.731045]  kmem_cache_alloc_trace+0x151/0x320
[ 3031.731691]  ? find_held_lock+0x2c/0x110
[ 3031.732252]  p9_client_create+0xaf/0x1230
[ 3031.732791]  ? lock_downgrade+0x6d0/0x6d0
[ 3031.733332]  ? p9_client_flush+0x430/0x430
[ 3031.733887]  ? trace_hardirqs_on+0x5b/0x180
[ 3031.734452]  ? lockdep_init_map_type+0x2c7/0x780
[ 3031.735106]  ? __raw_spin_lock_init+0x36/0x110
[ 3031.735703]  v9fs_session_init+0x1dd/0x1680
[ 3031.736263]  ? lock_release+0x680/0x680
[ 3031.736783]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3031.737412]  ? v9fs_show_options+0x690/0x690
[ 3031.737990]  ? trace_hardirqs_on+0x5b/0x180
[ 3031.738582]  ? kasan_unpoison_shadow+0x33/0x50
[ 3031.739170]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3031.739843]  v9fs_mount+0x79/0x8f0
[ 3031.740302]  ? v9fs_write_inode+0x60/0x60
[ 3031.740872]  legacy_get_tree+0x105/0x220
[ 3031.741402]  vfs_get_tree+0x8e/0x300
[ 3031.741936]  path_mount+0x1429/0x2120
[ 3031.742432]  ? strncpy_from_user+0x9e/0x470
[ 3031.742988]  ? finish_automount+0xa90/0xa90
[ 3031.743588]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3031.744188]  ? _copy_from_user+0xfb/0x1b0
[ 3031.744728]  __x64_sys_mount+0x282/0x300
[ 3031.745251]  ? copy_mnt_ns+0xa00/0xa00
[ 3031.745801]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3031.746486]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3031.747198]  do_syscall_64+0x33/0x40
[ 3031.747717]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3031.748417] RIP: 0033:0x7f01450cdb19
[ 3031.748923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3031.751449] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3031.752485] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3031.753458] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3031.754436] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3031.755418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3031.756390] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:19:02 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123ae, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:02 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x480401, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x1})
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x30200, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000080))

11:19:02 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05000100018800002e2f66696c653000"])

11:19:02 executing program 4:
r0 = epoll_create1(0x0)
r1 = dup(r0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x40000012})
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000080))

11:19:18 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 22)

11:19:18 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x57150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:18 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:19:18 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:19:18 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:18 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x123af, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:18 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = signalfd(r1, &(0x7f0000000000)={[0xd35]}, 0x8)
ioctl$CDROMREADMODE2(r2, 0x530c, &(0x7f00000000c0)={0x4, 0xd7, 0x2, 0x1, 0x3f, 0x12})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:19:18 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = openat2(0xffffffffffffffff, &(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x64000, 0x152, 0x16}, 0x18)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000340)=0x14)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)={0x164, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x11c, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xb}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0xfffffffffffffd77, 0x1, 0x6}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0x4}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}]}]}, 0x164}}, 0x44000)
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x4, 0x400, 0x1, {0x0, r1}}, 0xb2)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000080)=0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32, @ANYBLOB="05000000004a00f8fdb98b521483319706250f5b8cfc000867a233ccf41ba3"])

[ 3047.821723] FAULT_INJECTION: forcing a failure.
[ 3047.821723] name failslab, interval 1, probability 0, space 0, times 0
[ 3047.824126] CPU: 0 PID: 77356 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3047.825353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3047.826836] Call Trace:
[ 3047.827296]  dump_stack+0x107/0x167
[ 3047.827947]  should_fail.cold+0x5/0xa
[ 3047.828631]  should_failslab+0x5/0x20
[ 3047.829318]  __kmalloc_track_caller+0x79/0x370
[ 3047.830143]  ? p9_client_create+0x41d/0x1230
[ 3047.830919]  kstrdup+0x36/0x70
[ 3047.831498]  p9_client_create+0x41d/0x1230
[ 3047.832268]  ? p9_client_flush+0x430/0x430
[ 3047.832517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=77344 comm=syz-executor.0
[ 3047.833030]  ? trace_hardirqs_on+0x5b/0x180
[ 3047.833049]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3047.833079]  v9fs_session_init+0x1dd/0x1680
[ 3047.838292]  ? lock_release+0x680/0x680
[ 3047.839004]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3047.839860]  ? v9fs_show_options+0x690/0x690
[ 3047.840634]  ? trace_hardirqs_on+0x5b/0x180
[ 3047.841535]  ? kasan_unpoison_shadow+0x33/0x50
[ 3047.842362]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3047.843258]  v9fs_mount+0x79/0x8f0
[ 3047.843885]  ? v9fs_write_inode+0x60/0x60
[ 3047.844706]  legacy_get_tree+0x105/0x220
[ 3047.845427]  vfs_get_tree+0x8e/0x300
[ 3047.846100]  path_mount+0x1429/0x2120
[ 3047.846787]  ? strncpy_from_user+0x9e/0x470
[ 3047.847554]  ? finish_automount+0xa90/0xa90
[ 3047.848328]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3047.849155]  ? _copy_from_user+0xfb/0x1b0
[ 3047.849905]  __x64_sys_mount+0x282/0x300
[ 3047.850628]  ? copy_mnt_ns+0xa00/0xa00
[ 3047.851318]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3047.852253]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3047.853156]  do_syscall_64+0x33/0x40
[ 3047.853837]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3047.854730] RIP: 0033:0x7f01450cdb19
[ 3047.855380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3047.858607] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3047.859938] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3047.861180] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3047.862442] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3047.863692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3047.864943] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:19:18 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r1 = syz_io_uring_setup(0x5c7d, &(0x7f0000000080)={0x0, 0xf0f9, 0x20, 0x0, 0x146}, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000fef000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)=<r2=>0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x13)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000058c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000540)=""/101, 0x65}], 0x1, &(0x7f0000000600)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000000640)=@abs, 0x6e, &(0x7f0000000b80)=[{&(0x7f00000006c0)=""/101, 0x65}, {&(0x7f0000000740)=""/9, 0x9}, {&(0x7f0000000780)=""/108, 0x6c}, {&(0x7f0000000800)=""/151, 0x97}, {&(0x7f00000008c0)=""/177, 0xb1}, {&(0x7f0000000980)=""/120, 0x78}, {&(0x7f0000000a00)=""/183, 0xb7}, {&(0x7f0000000ac0)=""/31, 0x1f}, {&(0x7f0000000b00)=""/125, 0x7d}], 0x9, &(0x7f0000000c40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x30}}, {{&(0x7f0000000c80), 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000d00)=""/85, 0x55}, {&(0x7f0000000d80)=""/222, 0xde}, {&(0x7f0000000e80)=""/156, 0x9c}, {&(0x7f0000000f40)=""/211, 0xd3}, {&(0x7f0000001040)=""/158, 0x9e}, {&(0x7f0000001100)=""/141, 0x8d}], 0x6, &(0x7f0000001240)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001280)=""/45, 0x2d}, {&(0x7f00000012c0)=""/74, 0x4a}, {&(0x7f0000001340)=""/246, 0xf6}, {&(0x7f0000001440)=""/79, 0x4f}, {&(0x7f00000014c0)=""/235, 0xeb}, {&(0x7f00000015c0)=""/140, 0x8c}], 0x6, &(0x7f0000001700)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}}, {{&(0x7f0000001740)=@abs, 0x6e, &(0x7f00000019c0)=[{&(0x7f00000017c0)=""/31, 0x1f}, {&(0x7f0000001800)=""/234, 0xea}, {&(0x7f0000001900)=""/169, 0xa9}], 0x3, &(0x7f0000001a00)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f0000001a40)=@abs, 0x6e, &(0x7f0000001c80)=[{&(0x7f0000001ac0)=""/92, 0x5c}, {&(0x7f0000001b40)=""/162, 0xa2}, {&(0x7f0000001c00)=""/108, 0x6c}], 0x3, &(0x7f0000001e00)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x140}}, {{0x0, 0x0, &(0x7f00000032c0)=[{&(0x7f0000001cc0)=""/147, 0x93}, {&(0x7f0000001f40)=""/72, 0x48}, {&(0x7f0000001fc0)=""/4096, 0x1000}, {&(0x7f0000002fc0)=""/225, 0xe1}, {&(0x7f00000030c0)=""/151, 0x97}, {&(0x7f0000003180)=""/109, 0x6d}, {&(0x7f0000003200)=""/141, 0x8d}], 0x7}}, {{&(0x7f0000003340)=@abs, 0x6e, &(0x7f0000003440)=[{&(0x7f00000033c0)=""/78, 0x4e}], 0x1, &(0x7f0000003480)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff]}}], 0x28}}, {{0x0, 0x0, &(0x7f0000005740)=[{&(0x7f00000034c0)=""/4096, 0x1000}, {&(0x7f00000044c0)=""/4096, 0x1000}, {&(0x7f00000054c0)=""/88, 0x58}, {&(0x7f0000005540)=""/30, 0x1e}, {&(0x7f0000005580)=""/67, 0x43}, {&(0x7f0000005600)=""/67, 0x43}, {&(0x7f0000005680)=""/134, 0x86}], 0x7, &(0x7f00000057c0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}], 0x9, 0x12000, &(0x7f0000005b00)={0x0, 0x3938700})
fallocate(r3, 0x14, 0x6, 0x4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r4=>r0, {0x5}}, './file0\x00'})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000500)=@IORING_OP_WRITEV={0x2, 0x1, 0x2007, @fd=r4, 0x20, &(0x7f0000000480)=[{&(0x7f00000001c0)="6fa41e4cd94fa103503dbe1bf75b7671aaa0a6d0b939566c12fe07b96126", 0x1e}, {&(0x7f0000000200)="19ce56924ea39fa7f4ff4d922551a549bbec3080fabb628836bfe742ed47363f0846803c576a51fdd82f3ee8148cdf896018a167517d872d3d97158b5cdc1a000cdeb634c562e7196a963a6d0ed747165230f90161876d7f39f5d47b230f3e0c5de97c426c0d699e5618e1bbe48a52", 0x6f}, {&(0x7f0000000280)="ff9f2bbd5dd136530a59c3329017d72a6a2606", 0x13}, {&(0x7f00000002c0)="667ca5601b321923e35b545904e2819897ba5bc58ffe296c12f3582aff29467565fec76758024ca504663b21cc39bafbd2e0a6d8bad4f971528b229724b936c8d46f4f96c6a9a6b79cd60a91ad9a9cb3a57dcbcc43230621a8096b5dea274d763f867b26b17c51ea92a8f0c7877655d6937f062d2a6401160478f0a2a3423297654e6123c4fe9afc66837bc02715e363a3042afb37e659f76f22847ae40842f9eff8b456a0d08eacadfe3c2335c8d6e224a3579c184ed8a3a04679489faa6c345f77d59c90ea43dd320a48dbf05d19e6abd5", 0xd2}, {&(0x7f00000003c0)="67763ab91c73938a6e0524edb6571d8d81ccb9794903d63bb5c52a262a337c87a40cd0743010b92a7dd1e003cd5a2f681ebf8dc61a593069416550f4e190361a3ed1f0e5724c152228991d342229ba4e6a7be31859768d104ed6ab468fa677a435233c1c8dc051a1ba0548dbc2236c6bcb56635f030bd4deb68366264939fadf59a4ff8d56f10741a717a27a6713ce84ff16851b54ee8d85af0dc69ac9a504ab0e", 0xa1}], 0x5, 0x3, 0x1, {0x0, r5}}, 0x4)
mbind(&(0x7f0000fef000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000)=0x5, 0x8, 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
mmap$IORING_OFF_SQ_RING(&(0x7f0000fee000/0x2000)=nil, 0x2000, 0x2000006, 0x100010, r1, 0x0)

11:19:18 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:18 executing program 4:
r0 = epoll_create1(0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x10000010})
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000080))

11:19:18 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x58150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:18 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 23)

11:19:18 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5e, 0x25058, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0xc000, 0x0, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x10, 0xffffffffffffffff, 0x1)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:19:18 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3048.174025] FAULT_INJECTION: forcing a failure.
[ 3048.174025] name failslab, interval 1, probability 0, space 0, times 0
[ 3048.176877] CPU: 1 PID: 77819 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3048.178660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3048.180687] Call Trace:
[ 3048.181443]  dump_stack+0x107/0x167
[ 3048.182363]  should_fail.cold+0x5/0xa
[ 3048.183292]  ? create_object.isra.0+0x3a/0xa20
[ 3048.184407]  should_failslab+0x5/0x20
[ 3048.185321]  kmem_cache_alloc+0x5b/0x310
[ 3048.186310]  ? lock_downgrade+0x6d0/0x6d0
[ 3048.187306]  create_object.isra.0+0x3a/0xa20
[ 3048.188389]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3048.189630]  __kmalloc_track_caller+0x177/0x370
[ 3048.190763]  ? p9_client_create+0x41d/0x1230
[ 3048.191823]  kstrdup+0x36/0x70
[ 3048.192600]  p9_client_create+0x41d/0x1230
[ 3048.193616]  ? lock_downgrade+0x6d0/0x6d0
[ 3048.194627]  ? p9_client_flush+0x430/0x430
[ 3048.195640]  ? trace_hardirqs_on+0x5b/0x180
[ 3048.196669]  ? lockdep_init_map_type+0x2c7/0x780
[ 3048.197808]  ? __raw_spin_lock_init+0x36/0x110
[ 3048.198907]  v9fs_session_init+0x1dd/0x1680
[ 3048.199992]  ? lock_release+0x680/0x680
[ 3048.201004]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3048.202277]  ? v9fs_show_options+0x690/0x690
[ 3048.203400]  ? trace_hardirqs_on+0x5b/0x180
[ 3048.204461]  ? kasan_unpoison_shadow+0x33/0x50
[ 3048.205558]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3048.206780]  v9fs_mount+0x79/0x8f0
[ 3048.207615]  ? v9fs_write_inode+0x60/0x60
[ 3048.208578]  legacy_get_tree+0x105/0x220
[ 3048.209531]  vfs_get_tree+0x8e/0x300
[ 3048.210413]  path_mount+0x1429/0x2120
[ 3048.211297]  ? strncpy_from_user+0x9e/0x470
[ 3048.212294]  ? finish_automount+0xa90/0xa90
[ 3048.213301]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3048.214414]  ? _copy_from_user+0xfb/0x1b0
[ 3048.215452]  __x64_sys_mount+0x282/0x300
[ 3048.216446]  ? copy_mnt_ns+0xa00/0xa00
[ 3048.217406]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3048.218687]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3048.219886]  do_syscall_64+0x33/0x40
[ 3048.220748]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3048.221952] RIP: 0033:0x7f01450cdb19
[ 3048.222809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3048.227069] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3048.228802] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3048.230452] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3048.232075] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3048.233704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3048.235341] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:19:18 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:19:18 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
sendfile(r0, r1, &(0x7f0000000000)=0x1ff, 0x6)

11:19:19 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x59150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000deff00", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:19:35 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 24)

11:19:35 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_create(0x1ff)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r5 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[])
mknodat$loop(r5, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
setsockopt$inet_mreqsrc(r6, 0x0, 0x27, &(0x7f00000000c0)={@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
add_key$keyring(&(0x7f0000000240), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
faccessat2(r5, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000000)={0x8000000})
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:19:35 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {0x0}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:19:35 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3064.521346] FAULT_INJECTION: forcing a failure.
[ 3064.521346] name failslab, interval 1, probability 0, space 0, times 0
[ 3064.523888] CPU: 1 PID: 78414 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3064.525341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3064.527095] Call Trace:
[ 3064.527652]  dump_stack+0x107/0x167
[ 3064.528419]  should_fail.cold+0x5/0xa
[ 3064.529226]  should_failslab+0x5/0x20
[ 3064.530039]  __kmalloc_track_caller+0x79/0x370
[ 3064.531002]  ? p9_client_create+0x41d/0x1230
[ 3064.531934]  kstrdup+0x36/0x70
[ 3064.532612]  p9_client_create+0x41d/0x1230
[ 3064.533554]  ? lock_downgrade+0x6d0/0x6d0
[ 3064.534488]  ? p9_client_flush+0x430/0x430
[ 3064.535372]  ? trace_hardirqs_on+0x5b/0x180
[ 3064.536285]  ? lockdep_init_map_type+0x2c7/0x780
[ 3064.537275]  ? __raw_spin_lock_init+0x36/0x110
[ 3064.538251]  v9fs_session_init+0x1dd/0x1680
[ 3064.539152]  ? lock_release+0x680/0x680
[ 3064.540000]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3064.541004]  ? v9fs_show_options+0x690/0x690
[ 3064.541933]  ? trace_hardirqs_on+0x5b/0x180
[ 3064.542840]  ? kasan_unpoison_shadow+0x33/0x50
[ 3064.543797]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3064.544858]  v9fs_mount+0x79/0x8f0
[ 3064.545608]  ? v9fs_write_inode+0x60/0x60
[ 3064.546488]  legacy_get_tree+0x105/0x220
[ 3064.547342]  vfs_get_tree+0x8e/0x300
[ 3064.548119]  path_mount+0x1429/0x2120
[ 3064.548924]  ? strncpy_from_user+0x9e/0x470
[ 3064.549827]  ? finish_automount+0xa90/0xa90
[ 3064.550741]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3064.551714]  ? _copy_from_user+0xfb/0x1b0
[ 3064.552595]  __x64_sys_mount+0x282/0x300
[ 3064.553439]  ? copy_mnt_ns+0xa00/0xa00
[ 3064.554265]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3064.555361]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3064.556443]  do_syscall_64+0x33/0x40
[ 3064.557221]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3064.558306] RIP: 0033:0x7f01450cdb19
[ 3064.559083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3064.562962] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3064.564548] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3064.566045] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3064.567536] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3064.569022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3064.570519] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3064.610911] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=78421 comm=syz-executor.0
11:19:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:19:35 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = accept(r1, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000000)=0x80)
sendmsg$IPSET_CMD_GET_BYINDEX(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000201}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0xf, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}, @IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x24044025)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:19:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080))

11:19:35 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 25)

11:19:35 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x80150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5a150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = syz_io_uring_setup(0x962, &(0x7f00000002c0)={0x0, 0x342b, 0x8, 0x1, 0x2de}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/44, 0x2c}], 0x1)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100008118000000", @ANYRES32, @ANYBLOB="050048d6f16cfc8eecff4bc04c3c0000"])
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
io_uring_enter(r5, 0x1a1d, 0xf6c5, 0x0, &(0x7f00000000c0)={[0x9]}, 0x8)

[ 3064.836042] FAULT_INJECTION: forcing a failure.
[ 3064.836042] name failslab, interval 1, probability 0, space 0, times 0
[ 3064.838466] CPU: 1 PID: 78831 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3064.839910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3064.841640] Call Trace:
[ 3064.842218]  dump_stack+0x107/0x167
[ 3064.842998]  should_fail.cold+0x5/0xa
[ 3064.843822]  ? create_object.isra.0+0x3a/0xa20
[ 3064.844809]  should_failslab+0x5/0x20
[ 3064.845632]  kmem_cache_alloc+0x5b/0x310
[ 3064.846517]  create_object.isra.0+0x3a/0xa20
[ 3064.847461]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3064.848557]  __kmalloc_track_caller+0x177/0x370
[ 3064.849556]  ? p9_client_create+0x51e/0x1230
[ 3064.850522]  kmemdup_nul+0x2d/0xa0
[ 3064.851287]  p9_client_create+0x51e/0x1230
[ 3064.852205]  ? p9_client_flush+0x430/0x430
[ 3064.853116]  ? trace_hardirqs_on+0x5b/0x180
[ 3064.854064]  ? lockdep_init_map_type+0x2c7/0x780
[ 3064.855083]  ? __raw_spin_lock_init+0x36/0x110
[ 3064.856068]  v9fs_session_init+0x1dd/0x1680
[ 3064.856994]  ? lock_release+0x680/0x680
[ 3064.857858]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3064.858906]  ? v9fs_show_options+0x690/0x690
[ 3064.859861]  ? trace_hardirqs_on+0x5b/0x180
[ 3064.860790]  ? kasan_unpoison_shadow+0x33/0x50
[ 3064.861771]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3064.862867]  v9fs_mount+0x79/0x8f0
[ 3064.863633]  ? v9fs_write_inode+0x60/0x60
[ 3064.864524]  legacy_get_tree+0x105/0x220
[ 3064.865396]  vfs_get_tree+0x8e/0x300
[ 3064.866206]  path_mount+0x1429/0x2120
[ 3064.867035]  ? strncpy_from_user+0x9e/0x470
[ 3064.867960]  ? finish_automount+0xa90/0xa90
[ 3064.868885]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3064.869884]  ? _copy_from_user+0xfb/0x1b0
[ 3064.870786]  __x64_sys_mount+0x282/0x300
[ 3064.871657]  ? copy_mnt_ns+0xa00/0xa00
[ 3064.872498]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3064.873629]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3064.874743]  do_syscall_64+0x33/0x40
[ 3064.875545]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3064.876646] RIP: 0033:0x7f01450cdb19
[ 3064.877443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3064.881415] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3064.883063] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3064.884597] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3064.886147] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3064.887681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3064.889217] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:19:52 executing program 4:
epoll_create1(0x0)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000080)={0x40000008})

11:19:52 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {0x0}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:19:52 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bf", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3081.792291] FAULT_INJECTION: forcing a failure.
[ 3081.792291] name failslab, interval 1, probability 0, space 0, times 0
[ 3081.795109] CPU: 1 PID: 79262 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3081.796888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3081.799049] Call Trace:
[ 3081.799076]  dump_stack+0x107/0x167
[ 3081.799098]  should_fail.cold+0x5/0xa
11:19:52 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x81150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:52 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x4000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:52 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="240000ff7f0000002e2f66696c653000"])

11:19:52 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5b150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:19:52 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 26)

[ 3081.799121]  ? create_object.isra.0+0x3a/0xa20
[ 3081.799145]  should_failslab+0x5/0x20
[ 3081.799166]  kmem_cache_alloc+0x5b/0x310
[ 3081.799192]  create_object.isra.0+0x3a/0xa20
[ 3081.799209]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3081.799236]  __kmalloc_track_caller+0x177/0x370
[ 3081.799256]  ? p9_client_create+0x51e/0x1230
11:19:52 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000080)={<r1=>0x0, 0xe2d, 0x2, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000480)={r1, "76d240c2e225d77b3b5848c17c31371f"})

[ 3081.799285]  kmemdup_nul+0x2d/0xa0
[ 3081.799307]  p9_client_create+0x51e/0x1230
[ 3081.799337]  ? p9_client_flush+0x430/0x430
[ 3081.799359]  ? trace_hardirqs_on+0x5b/0x180
[ 3081.799382]  ? lockdep_init_map_type+0x2c7/0x780
11:19:52 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 27)

[ 3081.799405]  ? __raw_spin_lock_init+0x36/0x110
[ 3081.799432]  v9fs_session_init+0x1dd/0x1680
[ 3081.799454]  ? lock_release+0x680/0x680
[ 3081.799483]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3081.799503]  ? v9fs_show_options+0x690/0x690
[ 3081.799532]  ? trace_hardirqs_on+0x5b/0x180
[ 3081.799553]  ? kasan_unpoison_shadow+0x33/0x50
[ 3081.799571]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3081.799593]  v9fs_mount+0x79/0x8f0
[ 3081.799613]  ? v9fs_write_inode+0x60/0x60
[ 3081.799636]  legacy_get_tree+0x105/0x220
[ 3081.799658]  vfs_get_tree+0x8e/0x300
[ 3081.799677]  path_mount+0x1429/0x2120
[ 3081.799703]  ? strncpy_from_user+0x9e/0x470
11:19:52 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x20, 0x3f, 0x81, 0x40, 0x0, 0x801, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x7fffffff, 0x1, @perf_bp={&(0x7f0000000180), 0x8}, 0x40210, 0x7, 0xfffffff9, 0x3, 0x0, 0x1, 0x8001, 0x0, 0x94, 0x0, 0x40}, 0x0, 0xc, r0, 0x1a)
r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x10fa43)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f0000000000)={0x8, 0x50, '\x00', 0x1, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000000)=ANY=[])
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000080)='\x00')

[ 3081.799722]  ? finish_automount+0xa90/0xa90
[ 3081.799743]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3081.799762]  ? _copy_from_user+0xfb/0x1b0
[ 3081.799791]  __x64_sys_mount+0x282/0x300
[ 3081.799809]  ? copy_mnt_ns+0xa00/0xa00
[ 3081.799834]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3081.799855]  ? syscall_enter_from_user_mode+0x1d/0x50
11:19:52 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x82150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3081.799878]  do_syscall_64+0x33/0x40
[ 3081.799898]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3081.799911] RIP: 0033:0x7f01450cdb19
11:19:52 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5c150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3081.799931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3081.799942] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3081.799964] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3081.799976] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3081.799988] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3081.799999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3081.800011] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3081.839529] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=79261 comm=syz-executor.0
[ 3081.947245] FAULT_INJECTION: forcing a failure.
[ 3081.947245] name failslab, interval 1, probability 0, space 0, times 0
[ 3081.947280] CPU: 1 PID: 79591 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3081.947286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3081.947290] Call Trace:
[ 3081.947306]  dump_stack+0x107/0x167
[ 3081.947319]  should_fail.cold+0x5/0xa
[ 3081.947332]  ? create_object.isra.0+0x3a/0xa20
[ 3081.947345]  should_failslab+0x5/0x20
[ 3081.947358]  kmem_cache_alloc+0x5b/0x310
[ 3081.947374]  ? legacy_get_tree+0x105/0x220
[ 3081.947383]  ? vfs_get_tree+0x8e/0x300
[ 3081.947395]  create_object.isra.0+0x3a/0xa20
[ 3081.947405]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3081.947419]  __kmalloc_track_caller+0x177/0x370
[ 3081.947431]  ? parse_opts.part.0+0x8e/0x340
[ 3081.947446]  kstrdup+0x36/0x70
[ 3081.947458]  parse_opts.part.0+0x8e/0x340
[ 3081.947471]  ? p9_fd_show_options+0x1c0/0x1c0
[ 3081.947486]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3081.947495]  ? quarantine_put+0x8b/0x1a0
[ 3081.947505]  ? trace_hardirqs_on+0x5b/0x180
[ 3081.947516]  ? kfree+0xd7/0x340
[ 3081.947532]  p9_fd_create+0x98/0x4a0
[ 3081.947543]  ? p9_conn_create+0x510/0x510
[ 3081.947553]  ? p9_client_create+0x798/0x1230
[ 3081.947563]  ? kfree+0xd7/0x340
[ 3081.947571]  ? do_raw_spin_unlock+0x4f/0x220
[ 3081.947586]  p9_client_create+0x7ff/0x1230
[ 3081.947602]  ? p9_client_flush+0x430/0x430
[ 3081.947612]  ? trace_hardirqs_on+0x5b/0x180
[ 3081.947624]  ? lockdep_init_map_type+0x2c7/0x780
[ 3081.947636]  ? __raw_spin_lock_init+0x36/0x110
[ 3081.947650]  v9fs_session_init+0x1dd/0x1680
[ 3081.947661]  ? lock_release+0x680/0x680
[ 3081.947676]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3081.947686]  ? v9fs_show_options+0x690/0x690
[ 3081.947701]  ? trace_hardirqs_on+0x5b/0x180
[ 3081.947712]  ? kasan_unpoison_shadow+0x33/0x50
[ 3081.947722]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3081.947733]  v9fs_mount+0x79/0x8f0
[ 3081.947744]  ? v9fs_write_inode+0x60/0x60
[ 3081.947755]  legacy_get_tree+0x105/0x220
[ 3081.947765]  vfs_get_tree+0x8e/0x300
[ 3081.947775]  path_mount+0x1429/0x2120
[ 3081.947790]  ? strncpy_from_user+0x9e/0x470
[ 3081.947800]  ? finish_automount+0xa90/0xa90
[ 3081.947811]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3081.947823]  ? _copy_from_user+0xfb/0x1b0
[ 3081.947837]  __x64_sys_mount+0x282/0x300
[ 3081.947847]  ? copy_mnt_ns+0xa00/0xa00
[ 3081.947862]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3081.947876]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3081.947889]  do_syscall_64+0x33/0x40
[ 3081.947900]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3081.947907] RIP: 0033:0x7f01450cdb19
[ 3081.947918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3081.947924] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3081.947936] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3081.947942] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3081.947949] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3081.947954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3081.947960] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:20:10 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = getpid()
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
perf_event_open(&(0x7f0000000080)={0x6, 0x80, 0x10, 0x3d, 0x4, 0x20, 0x0, 0x4, 0x20, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x1000, 0xca, 0x8, 0x9, 0x1, 0x5, 0x5, 0x0, 0x800, 0x0, 0x8}, r0, 0xffffffffffffffff, r2, 0xd)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:20:10 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {0x0}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:20:10 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:10 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 28)

11:20:10 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bf", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:20:10 executing program 4:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000000)={0x20000000})
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:20:10 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x83150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:10 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x5000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3100.147107] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=79908 comm=syz-executor.0
[ 3100.166189] FAULT_INJECTION: forcing a failure.
[ 3100.166189] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.169564] CPU: 0 PID: 79906 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3100.171140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.172908] Call Trace:
[ 3100.173473]  dump_stack+0x107/0x167
[ 3100.174247]  should_fail.cold+0x5/0xa
[ 3100.175069]  ? create_object.isra.0+0x3a/0xa20
[ 3100.176045]  should_failslab+0x5/0x20
[ 3100.176863]  kmem_cache_alloc+0x5b/0x310
[ 3100.177726]  create_object.isra.0+0x3a/0xa20
[ 3100.178664]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.179750]  __kmalloc_track_caller+0x177/0x370
[ 3100.180743]  ? p9_client_create+0x51e/0x1230
[ 3100.181695]  kmemdup_nul+0x2d/0xa0
[ 3100.182457]  p9_client_create+0x51e/0x1230
[ 3100.183373]  ? p9_client_flush+0x430/0x430
[ 3100.184273]  ? trace_hardirqs_on+0x5b/0x180
[ 3100.185196]  ? lockdep_init_map_type+0x2c7/0x780
[ 3100.186200]  ? __raw_spin_lock_init+0x36/0x110
[ 3100.187199]  v9fs_session_init+0x1dd/0x1680
[ 3100.188109]  ? lock_release+0x680/0x680
[ 3100.188956]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3100.189974]  ? v9fs_show_options+0x690/0x690
[ 3100.190921]  ? trace_hardirqs_on+0x5b/0x180
[ 3100.191836]  ? kasan_unpoison_shadow+0x33/0x50
[ 3100.192807]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.193895]  v9fs_mount+0x79/0x8f0
[ 3100.194652]  ? v9fs_write_inode+0x60/0x60
[ 3100.195539]  legacy_get_tree+0x105/0x220
[ 3100.196397]  vfs_get_tree+0x8e/0x300
[ 3100.197193]  path_mount+0x1429/0x2120
[ 3100.198006]  ? strncpy_from_user+0x9e/0x470
[ 3100.198929]  ? finish_automount+0xa90/0xa90
[ 3100.199849]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3100.200836]  ? _copy_from_user+0xfb/0x1b0
[ 3100.201727]  __x64_sys_mount+0x282/0x300
[ 3100.202594]  ? copy_mnt_ns+0xa00/0xa00
[ 3100.203420]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.204539]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.205633]  do_syscall_64+0x33/0x40
[ 3100.206423]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.207524] RIP: 0033:0x7f01450cdb19
[ 3100.208314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.212223] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3100.213832] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3100.215348] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3100.216859] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3100.218367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.219891] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:20:10 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = gettid()
tgkill(r0, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x21000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x9}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xa1e4}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
pidfd_open(r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="40000000000000002e2f66696c653000857d41e26cb7f95dc60e9a2ba6765f2599e32af98e520be2b919f2fdb28cdac67570028215534a49cfdcb30fe8146225e8d8e025db19bdd9346170415996475617d55ba182ded11ae0aff51f419f3e9c53041ace77483ae53b0000000000000000"])
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x80000000})
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x8010, 0xffffffffffffffff, 0x8000000)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x1}, 0x0, 0x0, 0x1}, 0x7)

11:20:10 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb8, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x8}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x2}, @CTA_PROTOINFO={0x28, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x24, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x8}, @CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0xd7}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xf8}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x6}]}}, @CTA_SEQ_ADJ_REPLY={0x44, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xc878}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x3f}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xffffffc0}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xb7c3}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x400}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}, @CTA_MARK_MASK={0x8}, @CTA_TUPLE_MASTER={0x10, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4008000}, 0x40050)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000068385e8a0c000000000000000000000200"], 0x14}}, 0x0)
openat$cgroup_devices(r4, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)

11:20:10 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x6000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:11 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x84150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:11 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x5}}, './file0\x00'})
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xd)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)={0x5e, 0xa, 0x0, 0x5, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1]}, 0x58)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r4=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x3, 0x6}, 0x10)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@mcast2, r4}, 0x14)

11:20:11 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 29)

[ 3100.439716] device syz_tun entered promiscuous mode
[ 3100.446905] device syz_tun left promiscuous mode
[ 3100.467197] device syz_tun entered promiscuous mode
[ 3100.471819] device syz_tun left promiscuous mode
[ 3100.509965] FAULT_INJECTION: forcing a failure.
11:20:11 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3100.509965] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.511973] CPU: 1 PID: 80494 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3100.513006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.514315] Call Trace:
[ 3100.514813]  dump_stack+0x107/0x167
[ 3100.515364]  should_fail.cold+0x5/0xa
[ 3100.515934]  ? create_object.isra.0+0x3a/0xa20
[ 3100.516612]  should_failslab+0x5/0x20
[ 3100.517196]  kmem_cache_alloc+0x5b/0x310
[ 3100.517804]  create_object.isra.0+0x3a/0xa20
[ 3100.518462]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.519230]  __kmalloc_track_caller+0x177/0x370
[ 3100.519932]  ? match_number+0xaf/0x1d0
[ 3100.520518]  kmemdup_nul+0x2d/0xa0
[ 3100.521046]  match_number+0xaf/0x1d0
[ 3100.521596]  ? match_u64+0x190/0x190
[ 3100.522148]  ? __kmalloc_track_caller+0x2c6/0x370
[ 3100.522870]  ? memcpy+0x39/0x60
[ 3100.523365]  parse_opts.part.0+0x1f3/0x340
[ 3100.524001]  ? p9_fd_show_options+0x1c0/0x1c0
[ 3100.524675]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.525542]  ? trace_hardirqs_on+0x5b/0x180
[ 3100.526292]  ? kfree+0xd7/0x340
[ 3100.526795]  p9_fd_create+0x98/0x4a0
[ 3100.527355]  ? p9_conn_create+0x510/0x510
[ 3100.527977]  ? p9_client_create+0x798/0x1230
[ 3100.528709]  ? kfree+0xd7/0x340
[ 3100.529275]  ? do_raw_spin_unlock+0x4f/0x220
[ 3100.529935]  p9_client_create+0x7ff/0x1230
[ 3100.530590]  ? p9_client_flush+0x430/0x430
[ 3100.531283]  ? trace_hardirqs_on+0x5b/0x180
[ 3100.531929]  ? lockdep_init_map_type+0x2c7/0x780
[ 3100.532632]  ? __raw_spin_lock_init+0x36/0x110
[ 3100.533312]  v9fs_session_init+0x1dd/0x1680
[ 3100.533951]  ? lock_release+0x680/0x680
[ 3100.534554]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3100.535253]  ? v9fs_show_options+0x690/0x690
[ 3100.535901]  ? trace_hardirqs_on+0x5b/0x180
[ 3100.536534]  ? kasan_unpoison_shadow+0x33/0x50
[ 3100.537207]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.537956]  v9fs_mount+0x79/0x8f0
[ 3100.538490]  ? v9fs_write_inode+0x60/0x60
[ 3100.539109]  legacy_get_tree+0x105/0x220
[ 3100.539708]  vfs_get_tree+0x8e/0x300
[ 3100.540265]  path_mount+0x1429/0x2120
[ 3100.540831]  ? strncpy_from_user+0x9e/0x470
[ 3100.541467]  ? finish_automount+0xa90/0xa90
[ 3100.542097]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3100.542811]  ? _copy_from_user+0xfb/0x1b0
[ 3100.543429]  __x64_sys_mount+0x282/0x300
[ 3100.544019]  ? copy_mnt_ns+0xa00/0xa00
[ 3100.544590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.545360]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.546114]  do_syscall_64+0x33/0x40
[ 3100.546669]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.547430] RIP: 0033:0x7f01450cdb19
[ 3100.547971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.550674] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3100.551816] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3100.552901] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3100.553939] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3100.554988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.556021] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:20:26 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:20:26 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:20:26 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bf", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:20:26 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 30)

11:20:26 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x84400000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:26 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$int_out(r0, 0x0, &(0x7f0000000000))
r1 = epoll_create1(0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x16600, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0)

11:20:26 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x5f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:26 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x7000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3116.101498] FAULT_INJECTION: forcing a failure.
[ 3116.101498] name failslab, interval 1, probability 0, space 0, times 0
[ 3116.104427] CPU: 1 PID: 80765 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3116.106030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3116.107891] Call Trace:
[ 3116.108454]  dump_stack+0x107/0x167
[ 3116.109208]  should_fail.cold+0x5/0xa
[ 3116.109998]  should_failslab+0x5/0x20
[ 3116.110801]  __kmalloc_track_caller+0x79/0x370
[ 3116.111966]  ? match_number+0xaf/0x1d0
[ 3116.112751]  ? kfree+0xd7/0x340
[ 3116.113440]  kmemdup_nul+0x2d/0xa0
[ 3116.114181]  match_number+0xaf/0x1d0
[ 3116.114977]  ? match_u64+0x190/0x190
[ 3116.115790]  ? __kmalloc_track_caller+0x2c6/0x370
[ 3116.116811]  ? memcpy+0x39/0x60
[ 3116.117627]  parse_opts.part.0+0x1f3/0x340
[ 3116.118512]  ? p9_fd_show_options+0x1c0/0x1c0
[ 3116.119661]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.120737]  ? trace_hardirqs_on+0x5b/0x180
[ 3116.121817]  ? kfree+0xd7/0x340
[ 3116.122495]  p9_fd_create+0x98/0x4a0
[ 3116.123461]  ? p9_conn_create+0x510/0x510
[ 3116.124319]  ? p9_client_create+0x798/0x1230
[ 3116.125415]  ? kfree+0xd7/0x340
[ 3116.126101]  ? do_raw_spin_unlock+0x4f/0x220
[ 3116.127045]  p9_client_create+0x7ff/0x1230
[ 3116.128126]  ? p9_client_flush+0x430/0x430
[ 3116.129002]  ? trace_hardirqs_on+0x5b/0x180
[ 3116.129893]  ? lockdep_init_map_type+0x2c7/0x780
[ 3116.131087]  ? __raw_spin_lock_init+0x36/0x110
[ 3116.132023]  v9fs_session_init+0x1dd/0x1680
[ 3116.133111]  ? lock_release+0x680/0x680
[ 3116.133947]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3116.134139] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=80769 comm=syz-executor.0
[ 3116.135169]  ? v9fs_show_options+0x690/0x690
[ 3116.135198]  ? trace_hardirqs_on+0x5b/0x180
[ 3116.135217]  ? kasan_unpoison_shadow+0x33/0x50
[ 3116.135234]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3116.135258]  v9fs_mount+0x79/0x8f0
[ 3116.142383]  ? v9fs_write_inode+0x60/0x60
[ 3116.143443]  legacy_get_tree+0x105/0x220
[ 3116.144296]  vfs_get_tree+0x8e/0x300
[ 3116.145060]  path_mount+0x1429/0x2120
[ 3116.145853]  ? strncpy_from_user+0x9e/0x470
[ 3116.146738]  ? finish_automount+0xa90/0xa90
[ 3116.147657]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3116.148603]  ? _copy_from_user+0xfb/0x1b0
[ 3116.149502]  __x64_sys_mount+0x282/0x300
[ 3116.150343]  ? copy_mnt_ns+0xa00/0xa00
[ 3116.151162]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.152237]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3116.153498]  do_syscall_64+0x33/0x40
[ 3116.154260]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3116.155540] RIP: 0033:0x7f01450cdb19
[ 3116.156297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3116.160913] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3116.162438] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3116.163895] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3116.165402] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3116.167026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3116.168579] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3116.171683] 9pnet: Insufficient options for proto=fd
11:20:26 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7f7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
r0 = gettid()
tgkill(r0, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x5, 0x1f, 0x40, 0x1, 0x0, 0x3, 0xb899, 0xc, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc0000, 0x1, @perf_config_ext={0x200, 0x1ff}, 0x4016, 0x5, 0x1, 0x6, 0x3, 0x612, 0x5, 0x0, 0x7, 0x0, 0x4}, r0, 0x5, 0xffffffffffffffff, 0x8)

11:20:26 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x85150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:27 executing program 4:
r0 = epoll_create1(0x80000)
epoll_create(0x1)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:20:27 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x60150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:27 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r1 = fork()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000140)=r1)
r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0xe5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r5}}, 0x101)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@ng={0x4, 0x10, "d637"}, 0x4, 0x1)

11:20:27 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x8000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:27 executing program 4:
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xb8, 0x3)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000003000210c1c0000000000000000000200"], 0x14}}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r2, 0x10, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xfffffffb, 0x55}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x50)
r4 = epoll_create1(0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0x4000000a})
r8 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r8, &(0x7f0000000080)={0x20000000})

11:20:27 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x86150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3130.809707] FAULT_INJECTION: forcing a failure.
[ 3130.809707] name failslab, interval 1, probability 0, space 0, times 0
[ 3130.812883] CPU: 1 PID: 81813 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3130.814434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3130.816235] Call Trace:
[ 3130.816803]  dump_stack+0x107/0x167
[ 3130.817623]  should_fail.cold+0x5/0xa
[ 3130.818442]  ? create_object.isra.0+0x3a/0xa20
[ 3130.819434]  should_failslab+0x5/0x20
[ 3130.820251]  kmem_cache_alloc+0x5b/0x310
[ 3130.821127]  create_object.isra.0+0x3a/0xa20
[ 3130.822069]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
11:20:41 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x8b0b967, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:41 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 31)

11:20:41 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x61150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:41 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:20:41 executing program 4:
epoll_create1(0x0)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000003000210c000000000067000000000200"], 0x14}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)={0x2008})
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f00000000c0)={0x2011})
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r5=>r4, {0x15}}, './file0\x00'})
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000180)=0x100000)

11:20:41 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x87150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:41 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:20:41 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3130.823176]  __kmalloc_track_caller+0x177/0x370
[ 3130.823194]  ? match_number+0xaf/0x1d0
[ 3130.823218]  kmemdup_nul+0x2d/0xa0
[ 3130.823236]  match_number+0xaf/0x1d0
[ 3130.823254]  ? match_u64+0x190/0x190
[ 3130.823271]  ? __kmalloc_track_caller+0x2c6/0x370
[ 3130.823287]  ? memcpy+0x39/0x60
[ 3130.823310]  parse_opts.part.0+0x1f3/0x340
[ 3130.823331]  ? p9_fd_show_options+0x1c0/0x1c0
[ 3130.823359]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3130.823374]  ? trace_hardirqs_on+0x5b/0x180
[ 3130.823393]  ? kfree+0xd7/0x340
[ 3130.823417]  p9_fd_create+0x98/0x4a0
[ 3130.823435]  ? p9_conn_create+0x510/0x510
[ 3130.823451]  ? p9_client_create+0x798/0x1230
[ 3130.823467]  ? kfree+0xd7/0x340
[ 3130.823480]  ? do_raw_spin_unlock+0x4f/0x220
[ 3130.823504]  p9_client_create+0x7ff/0x1230
[ 3130.823529]  ? p9_client_flush+0x430/0x430
[ 3130.823546]  ? trace_hardirqs_on+0x5b/0x180
[ 3130.823633]  ? lockdep_init_map_type+0x2c7/0x780
[ 3130.823653]  ? __raw_spin_lock_init+0x36/0x110
11:20:41 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x10064, 0x0, 0x0, 0x0, 0x0, 0x4004000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 3130.823676]  v9fs_session_init+0x1dd/0x1680
[ 3130.823693]  ? lock_release+0x680/0x680
[ 3130.823718]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3130.823735]  ? v9fs_show_options+0x690/0x690
[ 3130.823759]  ? trace_hardirqs_on+0x5b/0x180
[ 3130.823776]  ? kasan_unpoison_shadow+0x33/0x50
[ 3130.823791]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3130.823810]  v9fs_mount+0x79/0x8f0
[ 3130.823826]  ? v9fs_write_inode+0x60/0x60
[ 3130.823845]  legacy_get_tree+0x105/0x220
[ 3130.823864]  vfs_get_tree+0x8e/0x300
[ 3130.823879]  path_mount+0x1429/0x2120
[ 3130.823901]  ? strncpy_from_user+0x9e/0x470
[ 3130.823917]  ? finish_automount+0xa90/0xa90
[ 3130.823934]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3130.823953]  ? _copy_from_user+0xfb/0x1b0
[ 3130.823977]  __x64_sys_mount+0x282/0x300
[ 3130.823992]  ? copy_mnt_ns+0xa00/0xa00
[ 3130.824013]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
11:20:41 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x88150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:41 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x9000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3130.824031]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3130.824050]  do_syscall_64+0x33/0x40
[ 3130.824067]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
11:20:41 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05000000000032bdf758c200002e2f66696c653000"])
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x7f})

[ 3130.824079] RIP: 0033:0x7f01450cdb19
11:20:41 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x62150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:41 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 32)

[ 3130.824096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3130.824105] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3130.824123] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3130.824133] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3130.824143] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3130.824183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3130.824194] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3130.862749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=81812 comm=syz-executor.0
[ 3131.296948] FAULT_INJECTION: forcing a failure.
[ 3131.296948] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.296980] CPU: 0 PID: 82245 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3131.296998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.297007] Call Trace:
[ 3131.297041]  dump_stack+0x107/0x167
[ 3131.297074]  should_fail.cold+0x5/0xa
[ 3131.297109]  ? p9_fd_create+0x161/0x4a0
[ 3131.297145]  should_failslab+0x5/0x20
[ 3131.297177]  kmem_cache_alloc_trace+0x55/0x320
[ 3131.297220]  p9_fd_create+0x161/0x4a0
[ 3131.297261]  ? p9_conn_create+0x510/0x510
[ 3131.297289]  ? p9_client_create+0x798/0x1230
[ 3131.297322]  ? kfree+0xd7/0x340
[ 3131.297347]  ? do_raw_spin_unlock+0x4f/0x220
[ 3131.297472]  p9_client_create+0x7ff/0x1230
[ 3131.297525]  ? p9_client_flush+0x430/0x430
[ 3131.297557]  ? trace_hardirqs_on+0x5b/0x180
[ 3131.297591]  ? lockdep_init_map_type+0x2c7/0x780
[ 3131.297626]  ? __raw_spin_lock_init+0x36/0x110
[ 3131.297668]  v9fs_session_init+0x1dd/0x1680
[ 3131.297701]  ? lock_release+0x680/0x680
[ 3131.297748]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3131.297779]  ? v9fs_show_options+0x690/0x690
[ 3131.297827]  ? trace_hardirqs_on+0x5b/0x180
[ 3131.297861]  ? kasan_unpoison_shadow+0x33/0x50
[ 3131.297890]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.297926]  v9fs_mount+0x79/0x8f0
[ 3131.297957]  ? v9fs_write_inode+0x60/0x60
[ 3131.297992]  legacy_get_tree+0x105/0x220
[ 3131.298026]  vfs_get_tree+0x8e/0x300
[ 3131.298055]  path_mount+0x1429/0x2120
[ 3131.298096]  ? strncpy_from_user+0x9e/0x470
[ 3131.298125]  ? finish_automount+0xa90/0xa90
[ 3131.298156]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3131.298186]  ? _copy_from_user+0xfb/0x1b0
[ 3131.298229]  __x64_sys_mount+0x282/0x300
[ 3131.298256]  ? copy_mnt_ns+0xa00/0xa00
[ 3131.298293]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.298327]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.298363]  do_syscall_64+0x33/0x40
[ 3131.298395]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.298416] RIP: 0033:0x7f01450cdb19
[ 3131.298447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.298465] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3131.298499] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3131.298518] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3131.298537] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3131.298555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3131.298575] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:20:59 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 33)

11:20:59 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:20:59 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:20:59 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x89150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
syz_io_uring_setup(0x2e61, &(0x7f0000000400)={0x0, 0xfdee, 0x8, 0x1, 0x31a, 0x0, r2}, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000480), &(0x7f00000001c0)=<r3=>0x0)
r4 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000280)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x989680}, 0x1, 0x1, 0x1, {0x0, r7}}, 0x6)
r8 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000180)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'})
r11 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0)
syz_io_uring_submit(r11, r10, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(0x0, r10, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x3, 0x0, @fd=r0, 0x0, 0x0, 0x9, 0x1, 0x0, {0x0, 0x0, r0}}, 0x9)
sendmsg(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000004c0)="cc21a6ff222fefccbe4a1fbac00fc58dd22ee4f2206af42667140d8c0f0f4561b4786ad206df5b481b984f360298202ea4c0ccc0e481c29ab47ea70c95b417fdf3eb1e226c457ef6d64b66650e3b358dd689916b25c568186ba844b91f03bd33b5d8bedda95ef711f1698beb1601bcf05f134f8014", 0x75}, {&(0x7f0000000540)="4faef8dfff8b852c66c12e2bddb467461067342404e8e3a868054e48f69a3e3eec8f440bcabf844bd288856829beab456a0c64a607a1566f0939df2242da263a980c41a74d5176cc7a57b69750dbc14de4df060895a4427e1a904cd1ba5e43331ab99ed9b11f63ca3a333e6344aee7ffe9bce252a8fb26e80393b847009906a55a2004022d8909681e0e4e93b3cedbc0251bff5ba16717bc2a0c1d8e018894d57c2ffabff0b88708afd414b17643b6ac4073ef69d52c023c300c4e6fef26e38ee333ed7aaf2070d94c51c79c6dab259b2b91e3d17897", 0xd6}, {&(0x7f0000000640)="0968170df0049862fbfa3c1ca0bc1c0411bf2a23b7730ed3c7a7f120f430a4b4a475928102c1db4b8b59c29dc7821e0c389cd978c857c6f88f6dc83b5cd821dcae7a5512aca733f0d8548613e461299a28eb96bec9f7634afabcd819be615b08f02fbc4918a723353d5f882a74020fad37856ad7ba51c1448e8cf8457d79aa1931892fc8a08d838e02413d4f978230aeba3e8622d8a15b08ce83a838ff97f2cc3aebb1e908807c2cdb2e75b66de601fa9b8bca8dcee895ba65731fa800b6d75bac1e2479e4d6b6db9c635972d8ff7011d86f183e189c7fa053f2533ae4bb7ab2f807cf022e5aa31397bed165ebcc875f", 0xf0}], 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="000100000000000003010000fbffffff5fd3e32de9c5fbf6c21239eba1e4a90d4e5b96088b46fdbdc3e281b6ba4be22d8e4be804e09418dddb23e153b6016556e51d1f767c72dc4adc749ac25c5abdf527ded9f8815b3b630b44a09b027d5359cc0cfbd0e79b91a37e7e563d63c1487238b22c93115c27e1630c8eb3dbdbd7f11633c6cdd81a402a998dc129768ae6656123fcb899816a91a1703d6d8b84cbaae06b475c67e32fe79debc22746263340eb35fc02342160168eea4cd94e67bd4b6a7a52a21470954dea88908136160c3f000000000000000880a2fb0dc0701fcd302f12436e003a31ba95e1a4f9fdb45719015daa2976824cb6393e2ca4000000"], 0x100}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:20:59 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0xa000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x63150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 4:
r0 = epoll_create1(0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001640), 0x141400, 0x0)
r3 = memfd_create(&(0x7f0000001680)='$\x00', 0x7)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r5 = syz_open_dev$vcsn(&(0x7f00000016c0), 0x2, 0x420201)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r7, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000001700)='./binderfs2/binder0\x00', 0x2, 0x0)
r9 = getpid()
r10 = gettid()
tgkill(r10, r10, 0x0)
lstat(&(0x7f0000001740)='./file0\x00', &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001900)=[{{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000140)="848184519e0c0f07560418f82fee4021caa7f29dec7748b3b08580061179017bc60a2bd81011550926bfe059e6e6dd69a75e6312c86a05e40f42eaf2ab7587bfdb9852b1b74e1e3b9e823b52609d50eb62aae96af48de631264c7179c53b2d44a8c9dc8a08eb663382c9d909bf46e676e539998048a3985aad903699511599514cbb9ac903b40217652333d99c", 0x8d}, {&(0x7f0000000000)="12223b1f822a661666a9eec4f96fd325bee491d1495ae0e99f3e49b61666e6487da2f7e19c55e97f3d57307cbc", 0x2d}, {&(0x7f0000000200)="1be5c3e60ce9fbba02993bec137e190c60319ca7183c7a4e480ae56046f8a2b593cf976c7c121c829ae0ea078b063d970c22dbaf1a8ccc140ccce31ba15e60aeff13a2580a565e3924d8e68c7bae748436047725c03f9887a9f6178e6474828c26ebca61fa1064735475e894bd22c97893b008b8391c1b6b1295ffc09c0c7c831364b17696697bc03a59bc053061124b7f2eceb5c5b21ac1f6bc307692b23948aaee7de9ee7b7928db0c3cbef6a56368d1402b3bfe64547414d2d106502d70c4d60fa2e907108793a494febaf28857105cb50931d4c7af", 0xd7}, {&(0x7f0000000300)="ed8420342bd0d0dea031580846cc46bae6079e9b19fd612febe87dfd1a2e1020317a5825ecd490df752f88ca0733a69880c264669bb5944a62fd6efdf16466d7d909f0923e8ca85533f4d745818a9a05ec74b252daa56021e2efecf8eae2bece38", 0x61}], 0x4, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @rights={{0x10}}], 0x68, 0x4000800}}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000600)="eaf734f4b6dd3af57a2df918a239d07624e0f589bd60f79a3c31c20fcb5c32963f06662c81c64558b36478fc2f812ea167cbdb508c8dc4237c32e62858c0658f6987794f66abe03370f76a99519cf2d2ac062e4736687b9b3b61108686144e430967421541145d32e27094a23d30a850ca8afa808213e7b68ba4975513ff6fdb39490716fb857d7078f83472efb4fa5b50a1a65f3656b82b73253195c68f86ebb4e64b877eda00d9d380911e00386f69b6cb0274730ef82fe12b15d515819ae6873810a38dff806f4f1d309c04f0c60fd7c85eb479ec95b9424e5266193677036d988674dee12c2bb428fbd4ea8253dd894169e1366a925c34508fcbabbdb65aa227e8afa86c3eb7151f4d28c7128ac7cc7185344eafcbc279899dfd73e9cfdf0d247e9cd9ea85a2ae28def355fbebf7ce19f842c1d1d8bd98e5e63fbbf76073a5ff2fcd37b8fe7ac4eae98ed99ab1c3b87d37c49cce1b0992ba856a808213ae0fd875525c4286bebe87b35f064bea579ea125e4b8727073b607ec49aab25a6b6236fd0386cdc0039d7a9c657761027686747f620095f607931002008e6d040f4ae9adbce8b6bea3a8c78d17d6e6c8678d54d0e6715f4be93b47007f5ac91c86689dc55b988ddaa14c30ce767a314a4e69c68d55a8848af9a3211770c432d4380d51f3325b733373ce7b947f1918d5e7a6a369d35a21e7e60d6703466e7c106169ef1e3c4262b24b891b7178dbe66f43991f728c3969df157bd93263c886402e622b1e4fea66b1fa0363b36816971721e90b21d461ea9ceacf5ca2dd5cf5a1a41147333b0fc2936b7e044c8e72290f3d1c61cbd5f8b4fb604789019ebebf639cbaec71eda2d7c495368bd227a350f9388f046133b354dcc3ef81967fbc38e1295e05cea7abfeca24d72e041ccad853c1363e878a914bf13d3583a3f426ddf06cfeffc3e60ee0c966fefda9549d8140b0157831e4246351fa04b94d132c242ad1ced06911fbcf912d59cfea3eb00319e710621e486f7f446546e486e175ea0d839771dc89da25f402f2d8940725be8e24dab3b12989149fa799ff105b0f9f0489cef12ae7ad5bfabb669f86037fdde5c62d6c63914b3a9294779ef186f975cdf77ca9c3008cbad82f32ac7636548f9518f7c1e0973c801ff34856cacd9f8e9b84b96f80ffb58e165113cb308d5fafd32be57a296aa5a21fc7bb0dcff84c2984b26505107341376b117f95b1c8b148872f0d3f21c09c6d9a3e1fd3894611722f075c0da03b1d38f78bebce75ec7aa730af425647907884bb6209be6ebf142a4cf9c1660cbe438fc5b6271f127c8fd8a0a9e935c460b429e95b20846729d6b02f4f898acb8e26ab221081b818545e167cc873f4b522836b434835461894f00a6e7c1d0e66a5162f83e1e0e249fd42786093f817d4dc1ed12c8712f5d8227529ced80e876f99e048b7486e2617e642d80791dd9fd89c47f8443502671fe0cd9c634d64f2c7fb1f25dbdec545156bb844c436bd09fe6b8416b47c504a1c3a6929c7a269eaf43c0b70f4ed6eddd6e3e5747642272242da219c7424b916129e096f113c1a03b76ccc58eda8e22d85abdebb6d1dd1d89249dd214ce7eab1f97a4ff177e95b2c8f0c264e679da1d23b9fdd289319127ee10225ba23c6e78eabd2e11c4b41f7759157530bef3966564de0e92468685a8c3b04723ff00d3f28bdd03bf2745b955b22673779bf1fe7f3ac0b7ad0e8be54ebbe7ee2036f11911737d58c403fdbce419b60214e8f1b763963e36d44cca5bba499f7f0086cb96583d670da33e45e92bcfde2bce8372a85bb4975a3b5dae3513f6c94fd3142bc01bc3a430b6ca9d56247b1d46bd9269d05eda6cfe4e78374b0823b367b638b22c24b278a56c5c85ca79993d9917818a654e45241f9f74da2551a147e50aa178ded7f39e683e9fd4434520af0351c57dbc33f19917cef353ea87d9503a65eec6447d3b47f21abb2e9c795d81e04b5507f9361e84d09e40a6eab3cc3cb8c4642b0f46ca0da2d79ad4d89927d96913c0b3691181b0a81b44830bc21df36f972d2ab47364e99096dd6cd6e6bff7d3cde506fa2f1f16f19c322819bb71cbfd5d1b7dff37039bd7eaad745ccf527dbb6da8f5ae00703b27dbdf0823115d114e4ddb199dae4f8780eb93e8d0cc863dc87b6be94d878ff65487bdcce93571db20ca64458afede52026d305646e1cce92401f41c3751a10995a88351cca176a353faf215be41e8197d95364a08216285166fe446b040c496a02b658c1747b76b2abbd002b9c2d07c76bc7d05b2ac5b4f4c708f285b405667bbe8a7bdbe30dee51e879525a43e220e72ddf3d9a317079b429823db2aa5c3f6cc3e5e26ff3c6015c34b832a0caaf9b5176d1877358a079cf3c8034b18dca4f854fa3bcd570cc6d9f330660c44ca3b6257a93f16234738dac8fe71bb5d9cde12c54778ba8a501b5dc9e88c53b209b6b406190ad7eae2ac3420e3c6f59b22f0f17e611c3eac3aef84c95d9a077e98cd9e5cfc9fee8f8c36d241fd41618ef27c5e19c7622991a47ccd61b77c4febc96483b58bcd6722ab6be542cccc62b4b5bf860f00f92594f2c9ab096af31d3dbacf09dda9963035e66778b83cfcb97944701efdba5f81f451b0e1959d3b7aaefdb7d249de715eb7d725e339ae2e886e7e5a2ab7c46ab219b9659b12509c5f442ee4972e86760dd2394e15a2a0e175747e9b204ceb153ed1d6ca7f418b4a400fed1e795328b42890986a092d54d5e87851cf19449c473dd8e6d1ec979530e2231c6b0d36f4ce8f0277abca2bb8be2230466353315b0d19ae0c977340a7c4b62898e4c02d80760523d7d1fb992ee08589c09e975256bff58ba72f6508950ed63c5520a3d90935f4c7d41448989a110328f05975b9a17faba09d7fa6696f2805e4e3ec0cf4f7244910519c508b46be666efae0562fe7b3e712946759326e3abb99b8419760ac8545e4f7607518b250a11dbdf5f6d5aca1c94192f7a5c683569a57c8dbf0fa91a3305e7a8f896cf18679022ef41c59f79b5a8429b246bd9df3a9773cc06c97e81aa193e69299ad167cd3a0e5288a3fa1d842bf48dc920094b69fb75c9808b583252d60445be0ef35d20a90d483bea4c8a4cb60580384b4fd679fbb48ce35c5c1a209da24361e5d26cd9c22797426e5dea28cbfd15cca41c0de62506244d6312524a020a597da0b7482ef5bfc9fb0fe8ba7754183eda5472c58fd208375b5f46addf57f8334132d1bd027b2e15d859e14c69cf18eae17890e9665cd6462a11ee8c7a2e2e9784894eb2a75a2b2f6b1546da1ae992baf663917aa607025bef66f2acf9ec9ced8983d0953c5ee9ab9bff88ceb2180c47c39d2b2b9df39db4c52e3658b31458865499317f4d58cc426f5b86cbb34d4cb47f130d931624266b2a9a8276ebdf5e01ef5037a00a86f36c2cf7d810dbfa46d81abf49023ba8e7fef0623d5d21e2916c194df0d4e3fe4277b95c31505297f2125e18e1aa070f848a6cd9d16176ca2864b3d32d375c60e0573760a3073cbb33fcf587ef98601bb171092ad6bec84b60de6ff6b233652e0fb9291b14663f676fb24e96555c482dc7a65f2d9b2a4480dbb8d0afa2d14c14eff9cca524b98a6ec417fdbb86dfdf3342dfe847a6c93d904ad48d9c04720d6ac30c793fc1bf265af7a5cb8f05991430e87832431da72d5767b17489529ad24210ebd014d1f104b45e923d12d4bdf902b0f3e92c93e81a2f5a51d14d3e3b5e2cf8350f5f463013bdeb52edeb8bb1de9b978d11becdca5cb96612bd337ff4fa06d32bcd2915c1e71526d4941634e35aa60a0ce337bf2d6f2a704e29a5e553141688476c4a2d59f23a120bc8828259795f8b0286627764553940eaa82e30493a29fec6500c52860ab8664dcf8db268cfcf2de720b6e24d217a255c96c6efbcd26f6e391404485be9bcd92aff79421c2fdbf79045814e663c43ac2ec041f3750555750291abb8e8e04a01130420851bcc01a1d25629bf44572db126fdd0275fa207cb844e4632cf953aa61679a9aaea97148f106f8b920cc231b4754583d7348fd4f9e3881afe94fc45964106e64ee16cdb7a6c4b16c2b149fde8a0c50fd0d7392817884dca79fcb7331a3bca6136a59835722346fdebc05f425470db3b9d330b09cb02a25899e7b4ef735d754fae26fcfd61c292c0d50fad8302af5865ab71414352a50c6b0571467c7234eb55d18247b2cb4d75a2a3e06d4ac167a5fa02d0b246a1fa5d0d2e2bb1a2eebffeb6c2466e61952960d2823e6669ba569e062ebdeec23c59def9c7be4767533f1ce0c82a65ba6d5e9b5261693e7a29f378ef4e251a7252b1ed76d2a0fe2f560b46a2ebfa858adfe2dc620d2eb308aeb5e73258e27bad58d933f930fb008a2aa6adec68887b5378d4af2404fa1af518150d2bdd0f18a6cdb82c83f2d17332e3020b9bdf1f62567b581023454315d7fe67f1a8b89bf65cd447116fd04c1f0e15e55b4beeaf0a7b07ffcff494b68d0108a7d8ced3430f5b41ec6308bd121b56e720ffe1d5b263f481fe46bf00c63f1ca1e8e7c8e981690de831d764b1dac30c163fc22d23a573f1373bd29f541fa1a0ce43812a9030af3fe7daadbbd3b69e599daf5231ace06c49d3b3b92bd78ae418b4abf37daabd4c418c6253759369538c3d4e6cd2ea8863f9cf1f919d2637e8b8b57de50234dd41ed01d9a9c8ab54a45086f276fb48c885a574d91364db28da3f19ff3976ec262484512fee2ee917e719567d43999a27b1a894798f1547517625e7c16c9ca93af7ea8c8dd8f780eeb7f420188f4f470ceb1037123a7aea2e152060a444ff10e575d7590c03c90c268d16ea028777c4849c982e2b70d0b4277ad03413b683ab91b6d500554602c329f03318815183b86b579e6cb077f5147f43d0cc2da4d61664865cd709194454fc0cd65ea7cf36a9565ce37934489915fbd8acacdc4f92045ccd8a7a84064b9c0b53bcdc98a5b8cf296521622ed8987c32f8f2c978ebf064b8ea384c760b52138c7a58762afaa2a4a7baae041e22298541ed553c96b318432bcbb69fdb8b960f6cb35beda1d2b6857b8f0c3b777c4ca9199f65b82cec78cbfa0e27a0d2e6418f8dcbc8ff18b5fcbd5a87baaeb102706c4f80a16ff484715789eaee02727257d38eb9c96504a135c70ff5654928df3a60be69e0e89807dd75627f3dc124880d1be95e6b2ba64630fa967055ba356e11f8c02f3cccd235df593f31f5726225a1ccb4b2a477e2ff1e0b26e42eaaaf7a4bfcde1f094925ad2f93d112245798346ac688b127d3d8c883f678bb01b5e82d5e8869d30b3d4f5087d1a0b2302b8aa418e6340aee9208273e420fd7d58a4a789a01290d5b63b56678fbdf84a60dc53695ab9789e013c85ac0a2c8ac6c3692360c1953a81b405df2e4230db4a2e0db82d404494e0495ffc3d6bdb71d02f1717adfb6b00d819e6fcb62e634ba77e7e833500247723c150a5d98593744e1db59fdbecc74a58073f39660b9099c141c012795dac0dcbdf0dcc66ff9ba82b90d930f998ebc476e464a06d51308fcf63ff2f18b8f040fefd25e934fa5fb08f316d4886435f528776a651c33561e1ac185a8645728dfd985ba0f6bcf070be8c56f01786cf242da9a66e47ea959031171bb83a6fa39b3d23f21d875f53c7ee1493792131f98dca812cb17d7d9686b50140db9b13a841680be0ec4c7140c6e39e15c9b5b583f60053f01488bd3cff8e5d72ad14c3cc4f25d26ddb5381fe4537ef05785bb4b15ee6755", 0x1000}], 0x1, &(0x7f0000001800)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xe8, 0x80c0}}], 0x2, 0x4)
r12 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r12, &(0x7f0000000080))

[ 3148.482001] FAULT_INJECTION: forcing a failure.
[ 3148.482001] name failslab, interval 1, probability 0, space 0, times 0
[ 3148.484821] CPU: 0 PID: 82566 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3148.486298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3148.488084] Call Trace:
[ 3148.488664]  dump_stack+0x107/0x167
[ 3148.489446]  should_fail.cold+0x5/0xa
[ 3148.490271]  ? create_object.isra.0+0x3a/0xa20
[ 3148.491273]  should_failslab+0x5/0x20
[ 3148.492097]  kmem_cache_alloc+0x5b/0x310
[ 3148.492972]  ? p9_fd_show_options+0x1c0/0x1c0
[ 3148.493938]  create_object.isra.0+0x3a/0xa20
[ 3148.495149]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3148.496271]  kmem_cache_alloc_trace+0x151/0x320
[ 3148.497498]  p9_fd_create+0x161/0x4a0
[ 3148.498395]  ? p9_conn_create+0x510/0x510
[ 3148.499464]  ? p9_client_create+0x798/0x1230
[ 3148.500428]  ? kfree+0xd7/0x340
[ 3148.501287]  ? do_raw_spin_unlock+0x4f/0x220
[ 3148.502253]  p9_client_create+0x7ff/0x1230
[ 3148.503372]  ? p9_client_flush+0x430/0x430
[ 3148.504281]  ? trace_hardirqs_on+0x5b/0x180
[ 3148.505404]  ? lockdep_init_map_type+0x2c7/0x780
[ 3148.506515]  ? __raw_spin_lock_init+0x36/0x110
[ 3148.507732]  v9fs_session_init+0x1dd/0x1680
[ 3148.508893]  ? lock_release+0x680/0x680
[ 3148.509917]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3148.510938]  ? v9fs_show_options+0x690/0x690
[ 3148.512084]  ? trace_hardirqs_on+0x5b/0x180
[ 3148.513173]  ? kasan_unpoison_shadow+0x33/0x50
[ 3148.514348]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3148.515654]  v9fs_mount+0x79/0x8f0
[ 3148.516532]  ? v9fs_write_inode+0x60/0x60
[ 3148.517679]  legacy_get_tree+0x105/0x220
[ 3148.518693]  vfs_get_tree+0x8e/0x300
[ 3148.519675]  path_mount+0x1429/0x2120
[ 3148.520660]  ? strncpy_from_user+0x9e/0x470
[ 3148.521756]  ? finish_automount+0xa90/0xa90
[ 3148.522865]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3148.524067]  ? _copy_from_user+0xfb/0x1b0
[ 3148.525139]  __x64_sys_mount+0x282/0x300
[ 3148.526174]  ? copy_mnt_ns+0xa00/0xa00
[ 3148.527184]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3148.528523]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3148.529834]  do_syscall_64+0x33/0x40
[ 3148.530793]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3148.532144] RIP: 0033:0x7f01450cdb19
[ 3148.533136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3148.537952] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3148.539961] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3148.541826] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3148.543700] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3148.545567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3148.547446] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3148.564796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=82556 comm=syz-executor.0
11:20:59 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x64150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0xb000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8a150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 4:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x600, 0x0)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x2, 0x70bd25, 0x25dfdbff}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r1 = epoll_create1(0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))

11:20:59 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 34)

11:20:59 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x65150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:20:59 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x18080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xfffffffffffffbff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x100)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r7, 0x1, 0x3d, &(0x7f0000000140), 0x8)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400, 0x4)
r8 = inotify_init1(0x800)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x10000)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32=r8, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=r4, @ANYRES32=0xee00, @ANYBLOB="000000001000000000000000010000329dc63fbef7240d5677cfa5c20287f3843ab4e200010000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xa8, 0x8000}, 0x4000001)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYRES16=r1])

[ 3149.049752] FAULT_INJECTION: forcing a failure.
[ 3149.049752] name failslab, interval 1, probability 0, space 0, times 0
[ 3149.051646] CPU: 1 PID: 83340 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3149.052821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3149.054151] Call Trace:
[ 3149.054650]  dump_stack+0x107/0x167
[ 3149.055256]  should_fail.cold+0x5/0xa
[ 3149.055870]  ? p9_client_prepare_req.part.0+0x3a/0xac0
[ 3149.056732]  should_failslab+0x5/0x20
[ 3149.057364]  kmem_cache_alloc+0x5b/0x310
[ 3149.058041]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 3149.058939]  p9_client_rpc+0x220/0x1370
[ 3149.059595]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.060477]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3149.061424]  ? pipe_poll+0x21b/0x800
[ 3149.062100]  ? p9_fd_close+0x4a0/0x4a0
[ 3149.062837]  ? wait_for_partner+0x3c0/0x3c0
[ 3149.063683]  ? p9_fd_poll+0x1e0/0x2c0
[ 3149.064437]  ? p9_fd_create+0x357/0x4a0
[ 3149.065213]  ? p9_conn_create+0x510/0x510
[ 3149.066008]  ? p9_client_create+0x798/0x1230
11:20:59 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3149.066852]  ? kfree+0xd7/0x340
[ 3149.067795]  ? do_raw_spin_unlock+0x4f/0x220
[ 3149.068644]  p9_client_create+0xa76/0x1230
[ 3149.069484]  ? p9_client_flush+0x430/0x430
[ 3149.070284]  ? trace_hardirqs_on+0x5b/0x180
[ 3149.071093]  ? lockdep_init_map_type+0x2c7/0x780
[ 3149.071984]  ? __raw_spin_lock_init+0x36/0x110
[ 3149.072826]  v9fs_session_init+0x1dd/0x1680
[ 3149.073642]  ? lock_release+0x680/0x680
[ 3149.074411]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3149.075319]  ? v9fs_show_options+0x690/0x690
[ 3149.076149]  ? trace_hardirqs_on+0x5b/0x180
[ 3149.076951]  ? kasan_unpoison_shadow+0x33/0x50
[ 3149.077811]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3149.078770]  v9fs_mount+0x79/0x8f0
[ 3149.079464]  ? v9fs_write_inode+0x60/0x60
[ 3149.080253]  legacy_get_tree+0x105/0x220
[ 3149.081252]  vfs_get_tree+0x8e/0x300
[ 3149.081965]  path_mount+0x1429/0x2120
[ 3149.082687]  ? strncpy_from_user+0x9e/0x470
[ 3149.083528]  ? finish_automount+0xa90/0xa90
[ 3149.084350]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3149.085233]  ? _copy_from_user+0xfb/0x1b0
[ 3149.086035]  __x64_sys_mount+0x282/0x300
[ 3149.086808]  ? copy_mnt_ns+0xa00/0xa00
[ 3149.087582]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.088592]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3149.089566]  do_syscall_64+0x33/0x40
[ 3149.090274]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3149.091260] RIP: 0033:0x7f01450cdb19
[ 3149.092060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3149.095494] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3149.096932] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3149.098153] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3149.099346] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3149.100511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3149.101638] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:20:59 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={0x0, @dev={0xac, 0x14, 0x14, 0x3d}, @broadcast}, 0xc)
r1 = epoll_create1(0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x331681, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f00000000c0)=0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))

11:21:13 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffb}, 0x100c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x3, 0x10001, 0x0, 0x0, 0x3, 0x1, {0x0, r4}}, 0x8001)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x11)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000fef000/0x3000)=nil, 0x3000, 0x2000004, 0x10010, r6, 0x8000000)
r7 = socket$netlink(0x10, 0x3, 0x2)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
pipe2(&(0x7f0000000080)={<r9=>0xffffffffffffffff}, 0x800)
recvmsg(r9, &(0x7f00000001c0)={&(0x7f0000000240)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000900)=""/4096, 0x1000}], 0x1, &(0x7f0000000140)=""/56, 0x38}, 0x2020)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x1, 0x0, r7, 0x0, 0x0, 0x0, 0x60000103, 0x1, {0x3, r8}}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000e78215ec68545ee952fd7436a005c2c62c1c81b0ce112254973293"])

11:21:13 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x16f869f2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:13 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:21:13 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {0x0}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:21:13 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 35)

11:21:13 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:21:13 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x66150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:13 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8b150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3163.210999] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=83720 comm=syz-executor.0
[ 3163.222118] FAULT_INJECTION: forcing a failure.
[ 3163.222118] name failslab, interval 1, probability 0, space 0, times 0
[ 3163.223533] CPU: 1 PID: 83743 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3163.224464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3163.225515] Call Trace:
[ 3163.225874]  dump_stack+0x107/0x167
[ 3163.226333]  should_fail.cold+0x5/0xa
[ 3163.226792]  ? create_object.isra.0+0x3a/0xa20
[ 3163.227400]  should_failslab+0x5/0x20
[ 3163.227873]  kmem_cache_alloc+0x5b/0x310
[ 3163.228363]  create_object.isra.0+0x3a/0xa20
[ 3163.228887]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3163.229544]  kmem_cache_alloc+0x159/0x310
[ 3163.230095]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 3163.230915]  p9_client_rpc+0x220/0x1370
[ 3163.231555]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3163.232242]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3163.232886]  ? pipe_poll+0x21b/0x800
[ 3163.233329]  ? p9_fd_close+0x4a0/0x4a0
[ 3163.233828]  ? wait_for_partner+0x3c0/0x3c0
[ 3163.234345]  ? p9_fd_poll+0x1e0/0x2c0
[ 3163.234835]  ? p9_fd_create+0x357/0x4a0
[ 3163.235306]  ? p9_conn_create+0x510/0x510
[ 3163.235805]  ? p9_client_create+0x798/0x1230
[ 3163.236360]  ? kfree+0xd7/0x340
[ 3163.236752]  ? do_raw_spin_unlock+0x4f/0x220
[ 3163.237310]  p9_client_create+0xa76/0x1230
[ 3163.237817]  ? p9_client_flush+0x430/0x430
[ 3163.238349]  ? trace_hardirqs_on+0x5b/0x180
[ 3163.238859]  ? lockdep_init_map_type+0x2c7/0x780
[ 3163.239458]  ? __raw_spin_lock_init+0x36/0x110
[ 3163.240004]  v9fs_session_init+0x1dd/0x1680
[ 3163.240518]  ? lock_release+0x680/0x680
[ 3163.240991]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3163.241558]  ? v9fs_show_options+0x690/0x690
[ 3163.242122]  ? trace_hardirqs_on+0x5b/0x180
[ 3163.242632]  ? kasan_unpoison_shadow+0x33/0x50
[ 3163.243206]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3163.243821]  v9fs_mount+0x79/0x8f0
[ 3163.244269]  ? v9fs_write_inode+0x60/0x60
[ 3163.244788]  legacy_get_tree+0x105/0x220
[ 3163.245275]  vfs_get_tree+0x8e/0x300
[ 3163.245787]  path_mount+0x1429/0x2120
[ 3163.246350]  ? strncpy_from_user+0x9e/0x470
[ 3163.246925]  ? finish_automount+0xa90/0xa90
[ 3163.247543]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3163.248301]  ? _copy_from_user+0xfb/0x1b0
[ 3163.248873]  __x64_sys_mount+0x282/0x300
[ 3163.249385]  ? copy_mnt_ns+0xa00/0xa00
[ 3163.249851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3163.250510]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3163.251129]  do_syscall_64+0x33/0x40
[ 3163.251608]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3163.252219] RIP: 0033:0x7f01450cdb19
[ 3163.252684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3163.255001] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3163.255957] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3163.256855] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3163.257760] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3163.258652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3163.259544] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:21:13 executing program 5:
fstat(0xffffffffffffffff, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001b00)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, <r1=>0xee00}}, './file0\x00'})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
recvmmsg(0xffffffffffffffff, &(0x7f0000006cc0)=[{{&(0x7f0000001b40)=@xdp, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001bc0)}, {&(0x7f0000001c00)=""/119, 0x77}, {&(0x7f0000001c80)=""/56, 0x38}], 0x3, &(0x7f0000002e00)=""/243, 0xf3}, 0xfff}, {{&(0x7f0000001d00)=@rc={0x1f, @none}, 0x80, &(0x7f0000003240)=[{&(0x7f0000002f00)=""/93, 0x5d}, {&(0x7f0000002f80)=""/144, 0x90}, {&(0x7f0000003040)=""/214, 0xd6}, {&(0x7f0000003140)=""/213, 0xd5}], 0x4, &(0x7f0000003280)=""/79, 0x4f}, 0x1}, {{&(0x7f0000003300)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000055c0)=[{&(0x7f0000003380)=""/114, 0x72}, {&(0x7f0000003400)=""/213, 0xd5}, {&(0x7f0000003500)=""/165, 0xa5}, {&(0x7f00000035c0)=""/4096, 0x1000}, {&(0x7f00000045c0)=""/4096, 0x1000}], 0x5, &(0x7f0000005640)=""/39, 0x27}, 0x37}, {{&(0x7f0000005680)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000005940)=[{&(0x7f0000005700)=""/76, 0x4c}, {&(0x7f0000005780)=""/177, 0xb1}, {&(0x7f0000005840)=""/180, 0xb4}, {&(0x7f0000005900)=""/1, 0x1}], 0x4}, 0x9}, {{&(0x7f0000005980)=@pppol2tp={0x18, 0x1, {0x0, <r4=>0xffffffffffffffff}}, 0x80, &(0x7f0000006a00)=[{&(0x7f0000005a00)=""/4096, 0x1000}], 0x1, &(0x7f0000006a40)=""/103, 0x67}, 0x7fff}, {{&(0x7f0000006ac0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000006bc0)=[{&(0x7f0000006b40)=""/87, 0x57}], 0x1, &(0x7f0000006c00)=""/183, 0xb7}, 0x5b}], 0x6, 0x1, &(0x7f0000006e40)={0x0, 0x989680})
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r5, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r7 = syz_open_dev$hidraw(&(0x7f0000006e80), 0x90, 0x76980a2beacf290a)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r8, 0x1, 0x3d, &(0x7f0000000140), 0x8)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000006f80)=[{{&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001140)=[{&(0x7f0000000100)="530f58194807826f8f75698eeb18d5c7d8c12e992d02cff51ff2d2deb65ebc099ba1cb3e462e23495bfe290c80cce13ad2e141f822965c03e84f53350871fa784ff5f79cdaaee15b1224daa19eb144d836a6d7c788cf4374109a44f8c48a457ea8d790bb0ba109179400e32b2e78e8c0d6708d62e90e35ebab60fbfaea9f10ad67b554083cea3aa9eb2dd58170b4d7ab8f4d9517cd71d205f2d8a297add06b78279bd10d1e32ee9fac33fa17f01135fa120ccc9cda185ab3c43da867c391d7207fc1cf4359790a0dcb9be18ae91609598a69b485afbd49f3cbc9f73c61e87b2c492671caf8687553bbb681b443dda29127510e26e37e6e1a04577e4c9cdf364dbf3ef7bba5fb024ccdb9ba7cb064a111ccdc213a49c43d158757f32301484878fb39bab6c2390577a305c029c3eafba7c206e163f272a28761895d1416d616628275564840a68791bf40d7d0fa26b97781349da5a456a7776a1d610c89da8f5b9b0bf0f084aea82663458fdc4dc0fd00a609f9c06c740d1c1593779b097bf192814b759e8e7f59fce5b32b562cd51c3287488ffde0c5caef03c1b40fb6b19032028a8319babde20a85b139dbded141f60ec479af62fd738f8bf8e3733ecf78c17dd98890815c4df732d2479afa08fd5d9825d013e1a617dac9d12c62a671fcff1645645eece6242a262102d367af879431668a66cd32b8f6cb11a14cc8a62e7ce4e1b79ddd868845de6047aa84e751c08cf6e698181c073d7d54039833b8d5d18a66d4d037433d3afbfb829c6f1c14ca093af05fb2a34f4b976abeef48e84213600152228b05b1f25eeafe5cfe7088cfc9ffd6205562f77acfb631b98e56480c86da4ee5ad27c536edd4ac4d255fa2681dcaa41df354a4c8193524463a0ac999a271473fee90bd681b3e9ff868ebb6c473c3449734eb83424c38e833c7274e6b277fe56aabc220dc13dd6253c0fb89c6d9d9520be8fd32f3a4c9aafe66234feace9e8085516b1408906e2312ec268f4e310a3b729fb747f8572dcd313a0bb56412ec2d0dfe1b5002079e529c167d1c8b4dac5c32cfbeeb1702c9b9afa3d228ae2f0273a999bbd1642ac629925efea14089b17d92b6373a4d8287c80a3c5c07d1815b3a3f11232ad2d85fdeecae3d115f3b3feb848e81370903f238e485ea495df17b05e8c728f60b02191f02ccea7a69646f2836a0fa20b54add369b3c34bd470ec0ba7c1b57afc4348933e11e306814e9a81497a9eb3d4d8ee0f8ad956dd79ea1d7806756f9cb47ced95ee73036b28c9f84d43ab190171ff27853b6ce7e4d393aca0b843ebb7c42822309e359809ed0a0c42589c0533a8bfa74eaec2e4f5624d1cacad6b99124953834a5f7be6324f6f3c75eedf95e882a9b070a2d8ddeb8119aa6a9caf1f8b42dab8283fa07563d3daca2e90ed2c90a53c3bcad094ea6af1e16d0c517efb1c871c83ca49781e5c83673a9b2d6a60c4b5d5d0e3a6761d6bf1e191141feee032f6c20ca21c31239b9a0f6526f1be628fdf3a304c1845dab3d28a59f9dd86ab3ac5d2b05c59f930c7e7ac47be2d21b801ec11ca366e8a9fa675e4b1c0c06bd293ffe169187bb828df54a3ef559d39923952d193721679af301f37abd794cdae7253849107d67caa937e1d99137330aa64463b28dc9a7d07349128df2a6604063827509f1d45226574e173811eb61e736364bf9b3dd973aa28c25aaeeaad2b085892760a6c1104cd0b874ef76e7bd2b5e5a3dca5d7ae00288fcc6673a074d7db7c7a3693aff721944a32cd4df3eddb5743b006594b64b2155c264bc910c95d0f3a51d31260f6e04d76c89f868dcae1422a56d3a723b0abbd1cf96d5f32e0441bb14dccb8120268df025f1295583e0b636fb869aedfb5bcec89ecc8c235f6d36362b0592f6a1d80179378bd501d26c9756caae27e4b56871bcbbae7d37247b8eede448874535c4e64a3bf00fc8aec23ef776c185df9bc4178a5f77a578346af7c3f56d8cf723d0a5ab533d32664207cd11f1282a81f503511307295dde7aff5b01b1467cd19095914bddae81b629465a6019cc52408c1086e39f5cd8f38d07b996fb6ad52c95fbc8a2b775cdbf8654bdeed317085853577d246f594c6fde3eb6f6a528172944ab17b4149c4b3c75b9dd94d6ba1bbdf0cef1667dddf7e0637c9931b7be246e7710cbc0256229e11bcde80b7fa0921c133dbd5bfc3e53c23f963f39b7dea1e06af96edfc7c35e34e02863c9e6b0e4d5afad054601c098d21f75d96a63a7081ee702b20c054b6f76313236418aeec140ffef7fb1984d5c9a18c11e5fc793ebcc7b374d39f22f572f0ecb88da4a4156c2ac969aa669540151c79dc56d64968ba6a2aefed12a55c915941b93f4b699724e7c817ce2d4f8ddcf3fadba796f1c2eef20880fd08ecba440b0967f79c2cdeae2b93990f9a928ca8ebce670995e2f5ddafc0f9e7c2ddd5231c6272a4ec314a2f7942fefca953233460b603be2261c2885bf1d00b50648eb83a2e9e5fb5957b6e0d0151f61c7a28ef19cb51d600ae0abef0f17253f7eb5eee2414ab3d07db0710206b2b258e5cf50d3b3cc537232df46542c5f0e75cfebb43b806af49976823b1cc16d826aa62ffe66815ddf2a6c50ebe448c8f2a872d69fd6b0d4e9156ac83cbf6908577470c2dc7b0c0226dc5fbb15d1ae04c6eb3b90b538482de3c3cd020626d737081dd0c82285334f879db616c376e83987c09892a985327dd3c1f3fe84870271769c9db7792883ca51bff9488f13267efbb36ea9f9af3cd60385289700e3589145cb7e0b03c9bc3f8364c14a131fa79f84cbe9b9f17950fadee65be30ff99f1399fdf3d356869cbdea20bc500cc6c839db4207c799754ed9722c0b519e1d88103007de64266683feea9642d62847766260fc0f4958b838f715362d5d21370096fac49c56a87ce9fbe1ae3b52dd07fece546acdb38fd62771ba268a3b379aabaa847dcf1b5a937a37609ac28eab80c8d8229706f16c731f5ff2b6e4870ddbb2392f6f866ab603534a05a1d38f37b4cf34c97dd699a3f849f50ea67cf1d7280e6b5fc32a8e53f4cf88679ba16fe370204516d0e02ffc03ae96186e4d9aec7224ee8089803065c8fa0ce73669fc1d6b8ab47d7ce70d2eab5bba0cdcadbb888f02a5309301ca4312715b36cb1814637c1aa6cb37fad53b1195441acda6180cbfb64246ed20eb0bb8161667427de78ab1a79ee5c453bce9eba230b2a0b92e9e8947441caf3be497d8230953e2493940bea698e1bfd283a4d7fc0377ad642cb9e180075b0a25dad7159ea89074668b381d479e1228a2ee886fa3144aa4c2dd4a7237ed98ea9d01fa9b376253e143b2c0f7b7ab5f8ac5ba9ffd7c5f32baf1796f7b95e739e93995e308283cc0fd9790771cf2d879ad25754cf84e061a835145913d66828cae4d276c57c49c674185c34603881de12faedfc9d35fc321dd1ddd8ba4dea2afbdffde957e618ec185be387e343a1697f35f1f06159de42152ffa5bb8674e228ed3ec4883aae81976b97c38c3694c9916b23b7038c40541e03ce1e3a3ab323c39c001d5b6e601de1d0e3698ef5f93d02de80ca703d36e9d85b41016f8d221e3b837bcce56cb5f4eface84942c40743f88b593493d3ae278e7c794a1d9950eb645fcad64d60167f6739f7774c618105d345c3165328107c8fec587584d831e19c05fcf975242d8e3407f4cfa312ab1330a0b236774975aa8f5f32e1d04907e8b33eeeec2123fb66f574911ac0e5def6e34833924d1b003e73ed5bb8c878b2ed9c1604cdf236f42fb455d62f4c8f0cbaed5a62dcfd94c87ec2f17cbd5df1ae0c9bb04b0972430ac05de46cc95d547c003ab6af6b51b4dd5444a60dcb14316e69861d5d16225960a385f4e137598bbb3d5fff87e1bdd22fbc27135d6feb9ba2f38cbbfa77acd214a7f0c072b18f5a7fcaf3a4cbfc200a05798c2f6bcfdbb3e479c6830fe5936a491e2041585e6df941a09a2290a9774026c1d09d6771d9446a37d6fa559d47042ee4f2a790dcc6383f1c235e3505e7e3a5304c0d51043702a3c8f2f330cfcf693e78bf0cd3e2272c7616a5efc2e5e41755df2eee359258ea57c8c26b85490e9a52c98dd99873a077e2e8a785c293c31d2673135aa04bfc41ed3a0008230aa7ecc391b2d97894d50f16c4163f058c3d964a3ed4773220a1847da5a58a5c5d7735f71c6006a43db4159d0d97616beb06eea33c7a4f5ddb45f33bb6ea744c93747af19d51dc3684e70709e717ab93aa0e71607a26d7397375bf0e48ecac26f439816e97fdadd7a37374b883233b9bc34a0b9636850d9dfe556dfd2f88f283607a8298c7fe4a68ea0415c97b6d26a215fb304f6b7020e714e5e1db6a8ed8e719e425c2bd2d6760f3a76d0efca3fab1592987594de8c1c5cb177a5b03b8237c9174470187013076e0fa3140a6a772bea10c055316d3000e426f4a4ab19920bba7529a0c448b173877575f2d50531ca0181dbdc2e1450623b60cf1634648725b0ff4da9d8dac0bd2edac7e46c07fc41e7632b769537d0a4efd6c06f0b3ca13397ab16a247f45c847d6334d97ad4557c0d4a6eddf877c92e77486bcfe504c864d8d0e025599b10c691ec023e91fff1d079aae74b8658bad94fefd99f5a6fe1b7985e003a015d0fc078603817afba34e89248802003188796b3595218053346f440d0754cbf41bf1d6fb52d26e38e6375ed51558d6dd6d0b157d1c727f4f99ca3cc56f5bd3d45f5257409fa01e3b6915baa4eb14e2ead18ad64c8e4a619bb89d715d2b3e2f490e5b72542696444fa784209c9b7ac18db66d005293deab0729b658510c562374582b5f7b3cb1eae4d42aca33e8795cdce2f28812bcc297044aa9b9e71d4ba1b588d6e3eaef4c0d86a57e7743f3990bea9bfd100aef4f4638b4af93eedf712f286051ed7629e31d96a28cf91d92074a536d7b5b9fc18b155a19caa0cf6ef9b66c60150588ec69a5a6d60e1a10aa357568f35257665fae5de9272227ae8672056b3e04416a0e135e0ce603a8b61b2b41748d031da80a80262085ffac01597f1f60372cb6204b322f18b4a05a4afbab91464379cc1cee8e8958ac32cad34f07f628b9a490fd85255a97fb2c744b36d0d5f9ac99c6cc00ade90be8900af32659abdf97a92e4ac046ce85d75361bb69c275b457ab59c7c224c5cd422ae59b1e3441bfd71f5805685d5a182dcccc53815bc294943f3f445d181b78bdbc43ae59ab37894342e6307fcbbe3bfffc02e36f779989764da2fa644a4fc6aa210fec8bf4200d1a12de0b3b2ff5edab7251a0f3328703296e945dc07494b7b65e344cb79e4bd66aa6f3b3ffefdb6976b9e3bd8c30dafb7383cb12794fafee18321e0eeb48c32174c63f03e4a56edcad46985a66f0c583768d01ae71fec628201f7e5a2140aa873dd4d951f6a12e6c7746d353ee39069bf31fa13ddd49837b9e022e694d50444352ad978d3fd7ad8876b3cc7947086c81d54ea38d977acc58b274b2554ed7e5a6f6b31fc94e7ba98c5a71b492f5268b335903dec36b419a03f41b60691035b690a62ea7ac9a305cab04a0fffbf3f512afcbed9c7477e7acf4e26a913bae543021e6ec80dfe57c53858e77612fc33b9509141a8f747ae16777d8705a2d229fc1a7e4e8a2c891a99af74bcbbeab664c82d77a1b6471eae6371ea303c45df717a7e02f89ead00faa5969e181921dc5147a2ec9f3b8af7697f3261230a101092ee562d2576eba5e86d6556c907512a7f6325e1f85d02f532ade238c413478", 0x1000}, {&(0x7f0000000000)="26d463032b918e9469b5193c10616b93180399749adc0bfb47", 0x19}, {&(0x7f0000001100)="424ca4a567b0f8a78da683f05989b812d89ec2b938", 0x15}], 0x3, &(0x7f0000001640)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88, 0x80a5}}, {{&(0x7f0000001700)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000001980)=[{&(0x7f0000001780)="e4a8e5f2832ccf0fd3b8e89771e15c05f416743a4963c1deee7850780f2d338f468ffcfc38641bcc74756893cd6ba41fdc66da9e4638db219c32d1c8e4036e18671d9d2ecf1f541bbe54c79a0af5345f89f3f19589f196028b277d18dfd3a33846672b350c48291b4c79effb324fc38d166f5057582076798dccf27e2591c18a7590f398b396615fd08a74bb3a5c3df4f6d5ede70a8d4c601f29f90f3b372d46f9938def7f037d08724335f2b94f61d224fc921ef4bbd1f1e262c37517b6e4ff623a7111471539053a76dd058ba2721abcbe74712404a34d680a6416a5544ea05927714d198ffaaf", 0xe8}, {&(0x7f0000001880)="720c5370c6c77a3d5c31e4b9ffa620ded0cc8e59d4b5db3d42479b40e95645f4bef671298ac09266e63684b04feb9b6b7b434216f11dd36eb8d3dc4cd86c16d45200fa7d452d1f", 0x47}, {&(0x7f0000001900)="cd25b12100e39a7ef8ec47baa138924d95722cfb1fbc718736ed949735328dc1a0d199e1ba93cee775e6e5877cf4ba00bfe248b49ab473fd6e834e21d4c15889d41d75cdd0a56dfd5572a5d92cdc24c7b46ba95441095d2296a6381e2ce02eff8b7874fd3071bff979b60e3b6add2f52bece0b937d03d837c5ab", 0x7a}], 0x3, &(0x7f0000006ec0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r0, r1}}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r2, r3, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r6, r7, r8, 0xffffffffffffffff]}}], 0xc0, 0x4000010}}], 0x2, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:21:14 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x67150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:14 executing program 5:
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r0=>0x0, ""/256, <r1=>0x0, <r2=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001e00)={<r3=>r2, r0, "cf61b0ec1aa311f7b3be0e4cf2a421a27b101bee061bcfe36e046bf8d6fdb25b749680eaa87d7db91d5035e285c0debbbcf4552881549af783c155512af93da36f0d0e48e2ed009d22fb313dfd26ce4e7beca2b425c2e3a29343415bfc2f7a91f5c80908df88ffb2e808c9753f53c7afd80139e21539f38724d2144f35ca70e86b41450d1bea0d559b8912b27937f88ca26d8f9ae4d1185e86fd753e3d47e6d17665eaa7ba0beab93eda1d3d932f991029226a7edecaf31b080f9582485e5931863771ab7736ab9e9cbcab32dc2b6e9e27806fc53f77293f0cbe4743f3e75be2c102b9ead8fa07da24802fee41993daa6c594220559940ba61600808fd1c32be", "340ad88fb9db0524378a2a315db1826e916b0f271888512d53245e9e3cc0d218696a299138b7dc93fc064103010800d3208f3f78fcf2679d9a20a21a480d06da5b654aedab4abba508fdf5278c456143774d460554ac6e1a9d11b6b923f1157afe6bcb0ec440cc3f40a226c5040185fbc805c998445598711e381f2bc8cd62c789e4e170fcda9c2a9c3358b485239f4061ba07fcee0e2f327a79cb336e5a44cd5cb3866f00b02a54b98157be71b951ce53ddda8afd65968c85f9402bcc773d00f40a2770b34eab7182736c973b0094874e7cb7c70a6bc858095f3449543181e0e8d7c3d72e57ea26eb9150fa9cc09a26be90be4885d15cf2ef59884a85b499dabfdf8b271c5e86d5735069d2d0cb84f3d5de963bde0941eafb09b87d63819e39ef26376117a6c4cd4cd896d4f89d5cb961a21dfff8006f8c7b718039ca34f687000fc8da4cf233752e36b15129420ccf014b94947fb2d866c5f691b5f6eef64d5e1b5e3db913bbbb0c41325834330c0381193aae7cc8abc5153d5482399a8170a3468382b6948a7bf7de16dae8bc238b48de7fd8f4be2fed549571fb239231e7224fbba51fe9406d30a0471aae5afdf9f21e96290243f18550e8fbe9b439c35aaddbdd8c72052e0cccd9c0f003ceb020162dfdaf948563faa74de355027d46a2a238890c62947d7ad14057c0ecc2c11cc4baf0225d2bcc29633277227102ab41e0ca7a778760ee9a851ef39973a71e17b88ad2a6302cf4081dd2aa9b58083d306b0b8a35d89ab474c6277857a4e3f064786750766ed5ed07c034337995fb5646925baaf82378305ecd15ae2ba6247717dc9950833cacfb3b724a686f465fe640d9d9da4e7085d610f1ef28ef66785c87b86d4277c60a410edf6adf6f19074c766eabab7265595ba8cb5641568a3a6ea200e3be80751e32259b99f95ee8ef977ff093cc2a23b06337eb4abcfe4185d6a93468540f518d03dd7fe75a6b0bc3d5fc64be2c5a69cf83322777aeffea39348c5f777421e20b774d45ec0489be66953a05f79efa8930b0ff2dff016978a1bda75daa35781b92c7f8f49c73c61b30901dd04b29f0d2877f86aabaf0e8dbc3d0ff1fba5477dd1eed7493c649bf10b1a81222e0fa85f5db9d767b8a69e69bed8f8cad22d294a0a1f2bdd4fa71cd8826c4d93b3b3e7ece59fbd999102fd03a302115d750a430c9806a1fb7565f33df40fe36f668c16ce1c2826f8cdc1c393bcb53bb1e7015b857b26fd21aaa6d8c7005b24baef0cf591e8ad78de6763fd80c75c0ad198baaa373d5e5d7194c900b8b81c16eb2c8bd0b72a893605b4cea22a0f4be98ca85274cddfc17292e7cffb3ec37d334c493a50e220c49101eb13f8e9f17c756169e6da9231594986f7cf9e89a6caad7d2e3f92bb66d866e2c5bc7ed46e2f1dd1984d093b8b91e05959ffb25fcaa88dff6184f54625cfff7993bb62221192a833c66752c34c40cd06fa6a3a4229e1d7edbfc47c77d0c2ab94d54b64d8dc1d1be40208f8e0a58d544c35fdf6c63e18f32c4372f35291e1cc3fe2cbb5d8f494288942c5d9baa9a825f0c1032a0d2e57101e051c82c90b81aef3dabf0d3dbfe58b6c1c90ef198d5ca9f413677754178fbbec7a9a6ed530c2736f99201117060692bb3fe663e2f0c9298c11aefd4d363bc5309c384ce1ba333b3ecc878362f02999e08024bfab86de406abc4bc318187359872a4d398d1b30c0919576b662c49bf8ca2070a6c19631b297bfe215996eb8e3501c111d2027fbd60eeb0d38422080faabb91636f49e892220725bab0dcdd61e271e5aff3431cf00a4f529d3dabd253bd474b27a1e266397edef3a7c2e5f6158e4169c1defcb7f634471ea58ede562a7df5501d29d3f5596fa652dd75b323fbd7b6df1a19bfbb580344c5c9570e2089ecddfaaf4ac7f017106071f2d68e1f6712d4be1c302329212d1afcf90e64a3e591bc35c9a64a7d2cadb5876b018584107a96bb4e03cd364c462aab1c1362d104a8e09a3d478f45cafb306a5f89383439a567f17d35972be52ca9f0ea2904f57993a3aef34d4e86c3eb0a4bfc58762d398f06c96f2dbc3adc70e2c8fdf7fcd4425409875d2b4a418626b386e3dc6bde956e7c716028f7f0f1029fbad72ece5799a7c1ac6585a8e756d7ac7ebc5e06e477c173789cd617dd49ee6ef2475ba59b752b6798318cef5b461f864f058a757e071850ed594aae2c7658301e8246d9ad4c2b2dae12e5f4905066b141063ffa892efd61ef7bd4975a6385cb6e3f2457a401155b8672d3d2dec0eda23febc50197007f042c4f11a6c7e7b04c179313efb8a3a37949ea50f430fa91d3bda11bad8221c08d03fc46b275377a016cd4f8c25742519b2649595ca37b10a6091880f5f204c9e00fcf6666ab09c827ecc8efd37abcced1c58d27cf1a8af13cdc91bd0f76f659e56cda830669750197fa1fd856cee4fa5915bb080387d91ea75a3e3e70f8920afdb075b03872777fb9b498533cd409486ce3b090348a89b31c8e8faa918baaa26a457a8129dc9b429f24b5eb619f827fc4be735443fce3f5b22a24c9e2da34e8d03b310340fc645f76f2b532d3340aa91f5b5a72aec955f2575277183168e34eed3f811464b1f13e1785c529480933e98ec45ec4bc297c6bab861f1c01b88672fa0b7ab6efc3e80f3f407c9698555448cb2cce3277e046c6a3f3d979090547e40c3b27e608ea6441af794c8072d7ff1710ab2dd03b0be5ddccdfe1871cbe2ef930b53f0914b4a6bfd66f6026a07edee1c48f5a96567dbb6a3a19c3560f3a8d908cedf5b051f148a4ee36eaf660f407b38eae12250032172b8802fca45c67497bb5a718893e4fcd03c9c36ea11075a173a43bf704f6026da8ea193ed0877679703aea1847bc19b632a406b894a00a1e4e515e93c907ecc8a58e9c7c2c199a2f884933ec2f8e206cc6beaf22209e252e3e6f2d667c45c62317e65acf201068a2861b7f8351639fcbf4ad2e80466fca0fa5fa52c42afcba889dbdd3e4cc0dbfcba7622a9a76a20618ea5ef3e1c4b877e3ee0b2c986a1135e26f5e45caf114a06da53624767c5eee3977e4253ab327563075931f201b7758501682b6b94609a1d561068b7fc42a9f91b04c0c04392c1dd38a80a38912e7d5a149ffc13562bda1fee30e13a1015e3e2d0882ce2db20fb2de07d9763ee9e04b821b628f51977882b495b68bf5c59a37ac19985cfbbefb9fb8e4a2ff01752cba60740de2436393143f818373a15db000cb9594b208124b44454b36c711e862460bf20e35c3c70a976404ba2be199327ded5fa0ad74d3fafe94889d053befb7683e1321fcee9319312f2ceee5de9feebd46dccc7fad0cf51ab10f69cb10b7dbec52e7823cd911d1196d7aeb75d4ed0697fd28c273bf456b8f3f8f66d57ede7285fbca1582bcc49fec5fb3293c30d8667695596214779d261f4a8c0090972445b4e190c95c3e6c1c0ba41db4143385cd6897679b48df01503d8b632665503ceea60b3d366b2805f1b38fce95fa5a78d6cfe4e1897c58ceb812e9c90fdc4619e2a405d0fc5b4836b85797eb43015d47d3458c3294af10c46f7899c541e45b31d17f1579f87ae4177d2a98e99ae208162ad27936e36d08e4e272f50310dd0af8db6c6a05ae5708184dd9d5d1382b7762d9aaebf929f92c24bb124af2b2cd50e2cc49a976619c52d03a44794a30b68e7a3f856c08d78f9dfe08baa4d367e6ead5a15c6630f60b5035836f8bebf98113ccd1911ff6ee3bd0791cf068bfd87e3edbdace3d8bc43f9fd9df9a1889c252050cffdf4bb97938a35be9ce2acfe190b8759f898e7bb331358806c9a5650c83e1fbc411a88ebe49a3ad372cb09e70793e2f405606553b7f14edc11be4ee8dc1dcf24306906a30182fe07dd5a19bfa2d646cadb83f4326536d6d6e25b71fee8558a5071b1beaf6360f708ce8cc2a0a631dd59f245b0fe84ef6196544d99f51c1a885d0632f6185fcb3103551b4188d23f4f0ebcc1c78f818d0c585e1550317b2df69370874ecd4db0a17ca2be0af48771458ad5cc64e897b90a4a670a8007ea893eb1a786242d35c5b4e6ff3281b4a312cba349ff979ea1bf33013473b274709449ad56cf1fbe2ff1d9c79c8bac1b20a697513dd842e2cb202db1080f523ebba177159c72ede3938129ad77423b68efe42bc743df36db668cbbc8c19fa19b4c02fa733e6665afb613d2aa3b8d80f311d3bbde817f92bca975b75c7a5a79b13446745c73d7ec9c8fbc5807d01ab4ac30c9f4f783ed1a6ecedddceccdd89cbd72b06cbe24312a1589df1948cb8b2b7af85aa9e59e9abe54634a22c7b3106813f3ee9eb3d378cf757c84f4657f0a8ff05a1fe972cdca066cdad02a5c4c51f4912e79ccac0d0ada5f450e688d76eab64df5dcbc10d3cd970481c12c26e611723b0a5bee79d3a8e5afd993f001c3f36eae5dad9646a2ff15bbcb774d97807ddc3fe5348568daed5dce7f300d6a2094a4c0552021f073f72a052ea176b754e99f3ed2a6d4320ffd6ad2758d6beee5b73a8f03c9ce3bb033e8f7a8c094dde51bf536d1d798241e046cafc5366d37730ed61ff9e95d10399165c664b96c09a2ea3d29045e90d4e070ee8669b1178662f647f1a5220411404c9430867d4a51b958a6e9dc9199e2ec4f84ade9048c69df7ac6b5b90a1a65470bec5d28d25f85d321ebe3b91816faf02776a2ee9e2da582bd076fa7d6d2a41448cc7766cb511623cde36c0e194419ebc46d07ffd8d807a65601a7677534a83ff14d3f962be55ae8f8e99ea3803d3dc2926d0a7588d9fab3b8c2187ce7a5e0cf94976a9f3b3a545f6df87ab8e60aac79a91775870c8a92a2c206ae6f2433322a927cef5b7b885b7f80c62ffe4bb39277b2c477c5d02e29656fde16b01831b9fe64d6028b8fd7c2f965cf1508327b65c1e4511ecd6da7840066d098599d8ae213b5931e6f0847a1bb358346b43396a3ef494f85b83e70f8854f056ddfabafdead3353a9a697722f85b524f3a32c47a0942e3037b1b01ab1a3e4b196ce0868edc2131aeb3a94dd4e09710612b8b38d48cbacbba260fb8c8b0364150db764e6986a92d42028a5eaa7fffc7e4bb61c33567bf0d54c23cec32130e87a24260300c806f6333bd5ccc5a5e043138467d43358d95a06c71ebf74b0e60463d1f95d65cbc880e6d044a8408d0b1bdcb5f71b9b89698f0a13ef93a0b96edf5e428aa258c8667015e245b168d6e4a76335183bd0304cf4f1b1fdc4090f4625cecc0caa5c87601ec75648e207144ae7aae872ae921552e414bfa68b819bc658041cc29e791e64e7a02c961af53801dca6b5ccdef655cf7184124e6c6278366005d866d6240aab095e7e372ee5d5e2248dd814a3ddafcc1805c937127657d6c0343"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {r1}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000080)={{r1, 0x7, 0x418e, 0x0, 0x7, 0x7ff, 0x800, 0x3, 0x6, 0x3, 0x3f, 0x101, 0x6, 0x20, 0x3}})
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = fcntl$getown(r4, 0x9)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001080)=<r6=>0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r7, 0x1, 0x3d, &(0x7f0000000140), 0x8)
kcmp$KCMP_EPOLL_TFD(r5, r6, 0x7, r7, &(0x7f00000010c0)={0xffffffffffffffff, r4, 0x1})
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x11, r4, 0x289b000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
sigaltstack(&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000))
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil)

11:21:14 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8c150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:14 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
epoll_create1(0x80000)
r2 = dup(r0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, 0xffffffffffffffff, &(0x7f00000000c0))
r3 = syz_open_dev$hidraw(&(0x7f0000000000), 0x9262, 0x40000)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0)

11:21:14 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:14 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5e}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:21:14 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x101080, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8983, &(0x7f0000000100)={0x8, 'ip6erspan0\x00', {'veth0_virt_wifi\x00'}, 0x7})
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:21:32 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x67b9aed9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:32 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
fstat(r0, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = getuid()
r3 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0xf7, 0x3, 0x5, 0x5, 0x0, 0x0, 0x8c004, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext, 0x60, 0x8, 0x10000, 0x7, 0x9, 0x5, 0x2, 0x0, 0x3, 0x0, 0x8001}, 0x0, 0x5, 0xffffffffffffffff, 0x9)
ioctl$NS_GET_OWNER_UID(r7, 0xb704, 0x0)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, r7)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r8, {r4, r6}}, './file1\x00'})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000500)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r5}}, {@posixacl}, {@loose}, {@version_u}, {@dfltgid={'dfltgid', 0x3d, r6}}, {@version_9p2000}], [{@fowner_eq}, {@dont_hash}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}})
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r9, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fremovexattr(r9, &(0x7f0000000100)=@random={'security.', ',#[&&]\x00'})
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000001480)={{}, {0x1, 0x1}, [{0x2, 0x4, r1}, {0x2, 0x5, r2}], {0x4, 0x4}, [{0x8, 0x7, r5}, {}], {0x10, 0x2}, {0x20, 0x1}}, 0x44, 0x1)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:21:32 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {0x0}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:21:32 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:32 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:32 executing program 4:
r0 = epoll_create1(0x80000)
ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x8004f50c, &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000580)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000000000000000000000000000f2c59a464a6072b5c353d7453975c44b701bd3bf294e0e764e2b9c145e8d6ed2892bd5832bbe0150707ac026cc725969757bf35390ef7189696ec29090297c705452eee4fe8ba99a96ca7fda5e99795223b8f5b272d030d6fcd224b32906d2584de78b05488c7b4c0912404f0409145d3dfb8acd081850531c9a12807c8c919eff38147f78109b376a5b90eba7bd"])
accept$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, &(0x7f0000000080)=0x6e)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x103602, 0x1eb)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r5, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$FICLONERANGE(r5, 0x4020940d, &(0x7f0000000380)={{r6}, 0x93e6, 0x8, 0x1})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r4, {r1, r2}}, './file1\x00'})
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000003c0), 0x1001, &(0x7f0000000640)=ANY=[])
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0xba, 0x4)
sendmsg$nl_generic(r7, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000040)={0x1c, 0x22, 0x69844ea0a6ddcd11, 0x70bd29, 0x0, {0x1d, 0x2}, [@generic="00000000fd"]}, 0x1c}}, 0x0)
epoll_create(0x8)

11:21:32 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:21:32 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 36)

[ 3182.275955] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=84662 comm=syz-executor.0
[ 3182.322445] FAULT_INJECTION: forcing a failure.
[ 3182.322445] name failslab, interval 1, probability 0, space 0, times 0
[ 3182.325416] CPU: 1 PID: 84674 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3182.327163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.329261] Call Trace:
[ 3182.329933]  dump_stack+0x107/0x167
[ 3182.330853]  should_fail.cold+0x5/0xa
[ 3182.331825]  ? create_object.isra.0+0x3a/0xa20
[ 3182.332975]  should_failslab+0x5/0x20
[ 3182.333928]  kmem_cache_alloc+0x5b/0x310
[ 3182.334922]  create_object.isra.0+0x3a/0xa20
[ 3182.335940]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3182.337088]  kmem_cache_alloc+0x159/0x310
[ 3182.338001]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 3182.339085]  p9_client_rpc+0x220/0x1370
[ 3182.339971]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.341123]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3182.342250]  ? pipe_poll+0x21b/0x800
[ 3182.343027]  ? p9_fd_close+0x4a0/0x4a0
[ 3182.343875]  ? wait_for_partner+0x3c0/0x3c0
[ 3182.344756]  ? p9_fd_poll+0x1e0/0x2c0
[ 3182.345542]  ? p9_fd_create+0x357/0x4a0
[ 3182.346349]  ? p9_conn_create+0x510/0x510
[ 3182.347180]  ? p9_client_create+0x798/0x1230
[ 3182.348104]  ? kfree+0xd7/0x340
[ 3182.348857]  ? do_raw_spin_unlock+0x4f/0x220
[ 3182.349783]  p9_client_create+0xa76/0x1230
[ 3182.350681]  ? p9_client_flush+0x430/0x430
[ 3182.351599]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.352558]  ? lockdep_init_map_type+0x2c7/0x780
[ 3182.353576]  ? __raw_spin_lock_init+0x36/0x110
[ 3182.354564]  v9fs_session_init+0x1dd/0x1680
[ 3182.355477]  ? lock_release+0x680/0x680
[ 3182.356318]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3182.357302]  ? v9fs_show_options+0x690/0x690
[ 3182.358203]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.359072]  ? kasan_unpoison_shadow+0x33/0x50
[ 3182.360013]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3182.361064]  v9fs_mount+0x79/0x8f0
[ 3182.361082]  ? v9fs_write_inode+0x60/0x60
[ 3182.361100]  legacy_get_tree+0x105/0x220
[ 3182.361126]  vfs_get_tree+0x8e/0x300
[ 3182.364280]  path_mount+0x1429/0x2120
[ 3182.365056]  ? strncpy_from_user+0x9e/0x470
[ 3182.365931]  ? finish_automount+0xa90/0xa90
[ 3182.366787]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3182.367706]  ? _copy_from_user+0xfb/0x1b0
[ 3182.368559]  __x64_sys_mount+0x282/0x300
[ 3182.369367]  ? copy_mnt_ns+0xa00/0xa00
[ 3182.370137]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.371179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3182.372218]  do_syscall_64+0x33/0x40
[ 3182.372957]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3182.373980] RIP: 0033:0x7f01450cdb19
[ 3182.374718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3182.378531] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3182.380144] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3182.381611] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3182.383029] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3182.384475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3182.385895] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3182.422782] SELinux:  duplicate or incompatible mount options
[ 3182.452122] SELinux:  duplicate or incompatible mount options
11:21:33 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x68000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000000000000000000a1d636cd118839bafe5b7d48db93523fe71dbbe6a4985553e8d8fae6ca958a1043e020648a9b3e300067d87d06333af80e9930024309aa30843b67c5ff7ede92546a77dbb4611967b44d2866e4e01e932f9014f9a66c3b5a78ec68fb2bdae4a436097334b0817b4ce7a50b8066a6d3658bc7efe798be96dffee484fa9943fac8824bfa837b08a0b9bb30fbc889c97869f03b6a51649fce7a", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:21:33 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 4:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x191000, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000100)=0x19, 0x4)
socket$netlink(0x10, 0x3, 0x13)
r1 = epoll_create1(0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x8201, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
writev(r2, &(0x7f0000001c00)=[{&(0x7f0000000700)="6ed189e0de76cdda793c11a561bebf6b54855fe966dcb758a12f33fa4dc744c2f5a0e1c1cf6fc78358135cb5235f31566317601c5ef6fc8c20c55bb64d7373adc89b9c8b3d08dbcfc5209498b8c6a3fc71d196b2cc12b5502848d347d1722a06f5a881d8757a459bb20b7ced9f29bca8d52875d241a89b9e2a841b8ade81d56b097842d1eb69193b71d007fe3d248ef3d74d131c768bb76714152de154a21dc800d5aa0771e1b205656c64bd9447295d0449f87f85423e5fa9eda434acf3ad3c885b02dc4e7efa92f1f4cf5457d857ab8bc2cdf85f1b19a06c8f259987edb15ab95e8bbfef9208d351b8a135950e3d15d0810cd283466cce7659ad99b76cd3ba18679711486a966ca53a7c1ec605450175e219668e1568631c2ea2ba90db86500cc0f6ee1d32cd072cb7d9fe383680b9096a31214a70ba57858e50503cb9086e02ac97cd2710acb15b8f3f532fb8bff8b1130a7d168d0359b363d7b6a1e88246b05cb57425761ccdba6b6509ea5336ba09f2384c6b3f45d945fb87b768146de5d362127c6b5d67d87cd9b7588dc13e16bb830d34df1e7ab6f552643eedc972da241a7dfa642c02ce1b85789ae209ddd3c8aed8c1d4462b97863234fa40279880327e63871b1c7e286367825b8d62c8dbeebec91eaca75470d7c4f215b2ed2c9e256ffa30c4afd329edbc01172c26c3afacf64c920835507915e5240c8412ebfc6e24f87b94a1c1556043a87eb5aec2332ccef6d5601563ec8f164f2500049a808175d5d954d783c455efcfae210b2a28a97f3ded39d9f5ee9560b896823d3e06a223e23ff48a23528bc464c50180a5add0dd785c2b0a56530124a84e5dea432dc93bf4e8f4e4687c96c50838746153d6cc0f451b50dccfbdfcee66b2d02f152c5aebb408bb32c39eeda1b1aa17996ad1fc337e707268ea889dd89005cb016e06b2570f4a3cbaee40d689eb1d0591c5e4abbbcd490d1a7d2b17eecc4a0d0c0fd27b4a874e3b1ae1dea2031fd324fdd06da9a751a430b7bba9ad7ef261dd62cdd2543090b588c5e2c540dec22f3940e003eb388b70bc7b16e73e1a9e56ba49efc38557fdbe74bb3bb5e57aa2b853ae6fef4567a47dbed2006a420478557262ea4a8e2eab45545ba754e15e6ba6fd57b026434f6e35f46e78ef547a88579cd366e486343f2d7f42ad46a636954ea4bf530e88aff66685615899ac385d1b31d43bbd1467eec0c6c176fb8e7e436f53a3ecb90fe2a283fe5c4784ab38809914fbb15f97c2fe634e1de3fb75d6ec9fe851e81e968c0cfe787689482c3df2ed6420086d7e9401a6801f194517dc2cbfbd8bfa201abcd526d83f14a2a4ae3f8d0587d87640602ff2bf2ae737967cf8b79d43c718c5b396f28d81f327d92abb87e791e2a3d0bb24bc029890378265d680221b79895662656fd4037cd818a51db0f9ac1a051e6833f09dbf4a316db6b5805f971cb7725e18d204a052c2e81a74e3e0ec2fa16ea9efbf9a3dfb63d2c46005b73b3dd809584d57eca8cb7f18d3731d9329f5d5953d7f32e5c79765ab5691b57d5f8213dad3c74762d0bbc22bcb431a6090bcc232812a8a0747b6b8dd55b712c9f408678b0b3d4fd529ae0611dda44474ee236d2ee5bcf65a81219c747be7a1a53e235adfd5b0383c430b795b2e6c6edc27578b4279cc01899bc9150c9002f36d09cdd94bf6f12cb1d7731b6ac02a8aa900b9c45c0fa5c90a40bcab68ade6b4ee585ea485867c7fcf8ee7e425fc2fc9e6b26f220379bb5224501fe1c98ad5d2215262dfd64f2c9725ec212d10136aa28290212be065ada12ac343536203c32241bf90c6c0ebb1410b1aea62203901c28c6e699801f9ac54ece67ef5c607ed98e0b159d848bf4d1f7755e6a8e2c5263d67850d9209990dd51dcf6e0c5ddb03ac5d742de10e21ae3cadfbafd58049ac4bfe6c23086ad8913c039d86a13cce8397c8cf7f022ad6fee95d08b2f8bd56aa2a75b33f9696375091aa7d7e8f647d84a19b241467bd9c1bb065d3707516fdd283740c22aa8f1e02307aea8ab2b0f17c112e3035e03a38e05262e135754d6aac34c8a9c6e24039b7b8ee28d20199ad2f7e2d96b9c9a6fe92a32651c568e3e846fbaf9fb8f66783eaca9db38a5dba119c181acfd106af107834c9ae994c1fbb7739f229c0e174d7f5adb63e31380a3dd2272d7cb13ce8b68b85e13e66e701a291c8a91935d127f0de716bf35281de18f19e0654862f4c97ec3ad5df0e5820818ed52ac3542a946c7c4fb8078d690eb9454858e10e63f46e08e2d89aa786b27a8bfc5878794b4941114cfcf82d1c8c36c90be31b24956683aa96dc565f6ebbb0b16483f771eeab19969926586c84bd1d5c6265b28c48efe38f3d3a76fc9662d79a17cb91faa9a43cce0078fc391ccba8b250e3f71ffd7d5666640135acb57df40bdda1eaf3686165c3e799199a13ca057d7629d01052ee7e888de29c2ee4de3df1a36c5104e7ae63f5ed2547ee39e3cb8aec39d3fa97cb17bb260ea92de68b2780793f725a14807b1102d092c3a5dd22afe542c0030bd76504a68429599cf935c77c27e7400d4b8e8095c69ee9ce94e8577f2108beba57a36fad0052d7777e0ee1d851767689a907ea118af5c1d7e2f554af288ca22b79c003a13cd9359d7c785bc8d97a0ceec8a10f33a61ced0a8a759dcdbbe93f3937fb821d67e65a4d568df956794cb4258f12d7967d5a4b2575a9499115ddcfb9aef8390eee0c014e49e35bc4e7724495e2fdb8ac0ca8835a716684f88bf97208ca53797cfc28d1ba6677f4b1bd07ff8ad50e92690187d7e884018bd4ad21ed1d3f604e20f04b115769752ff22a6867a6893f10330b602b926262df8dc880b9c184c9135ac095bc0536b64ffff95c7d89b6cd483610985cddd70838aea97452944c60cd74e40508110f8a57778e09a343458f1ef2ce572bf34a29b3f512e1b0e70cdd32a6e78c06cdb6dbe3061fdafe253e416e0d618aaf92891a26fba7237d2599223cb3c02442e0935a2f47d9e96e17036f6ebae06e123fdb4e9f89448bb7f5a45326f1720c03efac1b3e47e7f0ba6629156cee10b9683966482bffaaff7c00bd7b4cad768bb36ba7047f7355690864262a48f2167b750f078f2cb4a5f5d53903eadf9147b42e35d4fc62dd710544bc4adc9f757429445df02f82d7cde19c660d7fa46ebf61f6939935650fcb1e109837d6f974785cd0cf75c5d794a5b6b1568a187c4aaa07f78e6afd7aab1fc22a5dfe52ca8c56f9b288ade90733f71859fbe01c31496cbd4edad1e3e5da999ddcb3f91048678d7e19d3178c0080489f5b91c2ce1c008efd3c0a303bcd1f4716c95e4a02ca57eed5c5ea9941c81dda1971c93dfa687cb78e703bb90993656d0137fda1ab240c4684c9200243407107dcf4457d0715f2e4390a0b74a2cbc7708598028424e8ed8f5cda98d8039b5f4fa5ab120a99c36c40e830e64747207d7520892507a88dd7a337639561fbb3a700f89581252acc85cb4b19f1876357052eb2e49eda131e85ad35bfb9ab71ca1dc7b13f7cb7cdfa065ccf779bebe986fc2481072c78e51521c90b866c3ce2c77bed9bd8be9170e4e78179ab1ab2d089bf07ea4b935343c589f22d6168f4eff506a491caf5b077cfc6b428b318ffa19ac43af7a32f09728533d143a6d2dc5db793fb86ba1c13483039b29fd68248477f2be9af46e5d0d2022861ba8f9e6c10c995a000d74d285e5c8bedabdbfca1e840c17957a3279785307914136b4843f1b83ddabf96845e6e2008124e95d9aa59bbcf7baa203ad59bf9e44a0f2c54342798dea9206ca5e0b6cbd07996299173bc0aba3a4dcbe95478a724f6f07aba006d43c7a0f3462347445b4dfce617f7f090428d906e0f98f093e4acf3de8bf44027ec9c90e6a789f201049091b1246cd5e9b8b10e8117699124bb0abfc408dde317e930fba081c4a7c5938cad7c772d70bb551ce4f5ffffe9d962fb63f689b2a9de842eb4dd234f7e32d40c3e2163366556cc670be94e15d24fed43f0f986a448827967a6d65db0aeaee14594c7d63f08416c83b20c1ff1f20cbda895826e4b4820dc24e19a05d0fe4d1dac2f5848fa9be7bbe857cb5ed5a0f3eab3849f3389e5a81b37dad3528344c8cf9c3763ee3d2c29cc52dab7739094a7d5ae862b21ad66abd9036ed63ce208f29c88e186195d900147dff4727fb7a7ab0db9a63f81c3d23bd9e4d4ab1709e4bdf55eb2672c34c494d3b0c9d8f1e7ce6b50a2d1c5071a3a31024a6985b48c9f0685c8e6fde900970cef5d2129e82baedbee94ec6c49fd7070490856b99422025591fcf3f0aa4f2504945f5185c5896c349d37c31012d829246356147a762429b65e2e477ce8111501e4b3e1997bfd629cb88241fddb0ea82f7493184a6506e2cc5649136894718dce7e9de8ad02d696c4d0ab511b341322d0bc5a1e8acab062d6f43e22409c211cd2dfe30e2d2d5913c4d60fd991c13de991ee607a22c00f4d6fb99edc38b7332b7f6d552e7d025cf5cafca0e0dd36ca9ae3bcc8d995d387d8c5e1884d5dad6af4e5d6c2b3b5bc0cb50a1afd437125866e5a97e8e0ccc0a8160436fa64813b22ab13fd533c77d3ae8f14370a711eaf6f267cd1ad70605d5056ee7362f0669fb173f6007df58abf892899ebd0d813521e282fea997e8ecec9e279ab682a15fdbdb97a2b835522a3e99ba97987ed6eaaabbd68cb355298a80dcdc882991ddb0703686cb2f3c4241267b80d63520cd2712939029d749988226dff672c4a336669b0f761e0831530b4f72b9ed7150e1b46788877fe7a3d6972aa9c2a507d28c849a5ce78eda14f1e89b489c5d25735acf34600a10094c1317cab8ce8d014313dc82694b5f9f949c937925f3ab3aa9862dcffb6a4e7142c8c2eb00bd70f9068b61c3e0c07676ed4f887c594966e770bbca9f68ad009b85db985ba59d2b64a568c6bc06d2942eeb33ea2609b00b7bb99980b21cbc74ad7268ffa18775eb16e6d605cdb99f2ceac64e4f0f1f72c9cfa8d1214055d4df96f54316dc87cc522cd56f171e2206f0fde0cfd457674ef3351a7acd8d0f8935f002f6d2c87a790082cef19a26e409019950d437f76781d6b535f24f642346bb61c7978b1b26d3dd6494ff6d30835285fbf9e82b4d048edfb18b67d64d9214169373caa53b64cbc9aca05b96b6b7c1dd650ff03f2dfdf3a61148e3ba072ca32ce021cc643b26ae8f319d41dbd0947e454e12d3d2fdf47446b12120d4b705609491244afcf1a5fb584c6122cd46acd3541cfc22f62c475db8260ac9cc93e0fc96286f99ea8e99c88d490b8a8ddc5c86ab417e58a12997e30e290dc17c954525b89bd11734defcf559f93f351cc36a0391c795429ecf0e273fe914ba32af6bf55baa841386bc9b7d9b4ea573b7c08ea3410ad24103e22d296c2663e7b78df3cb757efabcca65b7aabea97d3e2ce84e3f6e69c77031bbb9cde9a7a4b9f89c9eb113e8af56a93d665ec805bbafed6693835e9aba63902d94c590eae5da214fb381fc2dd4d6d4b9749f455262eb43a1e544dc4bf5adf93ee60c6438739b06529d4485229e8a810c0a861d37ff0963e09de7c2592262e2efbc0cd3b00ec4647f60be559ee6a50aa2e46738f9f797bbd43d1378c5e42f8a6fab836ca93e258a55de1ccaf7f3934d9feefc659aa28f54298b6fc6bb1a4825232af6ee0093dabeede67c9fe754962359e814f4414cda43d5e0a4b55d3864906ad2a820037f6cf5082da874d490582d9f7c7f204664868e236fe26c48ea0c8fdff", 0x1000}, {&(0x7f0000001700)="bfa6013207d9f4ec6d66aacb97f489e119f2aa3ce6087fa60a2e4d2c415c32668330de049a4b2dcd0d2b721b93194d4d07daa77a22bbbabea26fe65c8b0202e70e6ece0434b732a43ddd13017e9e6f26", 0x50}, {&(0x7f0000001780)="84356a47fecedb93e4c0867c45fdd2078433b1b34df32c86673b7e69f333a1db1fa5b9eede606c681e89dd13b433a4e6d9737495989f0bd7e19c3996178af6bf4e7c1f6ba4f8701f20f31c428c461cde55df843b6fc80995aff2b65301d04d4ec4227ab81caf832b14b93851dae7e5c9680cca84fe8778e835bd1ba288b427fab436c3bcab2cb278427ce3ed62562119159467545d9a8256636662af491264ca3a1eb71c570f7867474fd34952b00311a6f1ff60acbd2d48b29a8834b6086884c6fa718e0bd2f7784349c8d71abd", 0xce}, {&(0x7f0000001880)="8e42923cb77e7b3dfc97fcc65ad5fc14a4d368a722361862fd0717df98ab049e3a77766200dbdab01364b7ec3f4aead7ee68c7dfc94e1b36d41561d564e018aec1ecc237a99b81ef5e6c711419e0a18b67299850c5f74841031919e33fd22aa40ab7f778d4ca003e84765e6f6e327b5011a85d413fd80db12ef54745742c0bba879ce249f265bcb76ae77269bafa56fca92d49fac9a89d8410b9fadb3a81b277996bcde1055794ebbc1a0cd0cb7d24d24788f01725b5a6e3f58a56a374fa6ef1c01c1caa167c5da689f0738cdcd2de5de7cbf3b2a09328511c9d2c432b6b0a281beb679c9044526637152cf47ba645aa5ded6a1251407f7b6108683df3b357", 0xff}, {&(0x7f0000001980)="6f0455352d17c5990debe8616e1a09da9765c2008529677f9734bd2a257eef2c20b1aca4100f29ef0b7e27018d3a9d613c0402c8d8da1038b47693407cf1b1e35534457319b32b5df67ac70e1dffb74093cd65f7c7c34b91d3f545f7e43bd795f6a57b3712db5b506720bde64c4d60c5759ae8ba278c41865d6cdd3d36af07444d9b1e53d98c509d1bace643b14025ce9bb02485497d3de72d6f3bc17f8aad5d7a3d26500fd80379ac2d7c16a0573187492d4e6d761dc9d0cf4075b1579847dc219023", 0xc3}, {&(0x7f0000001a80)="1d8ca1e1993449eb112bc0151b359c51c3cb7cb9a8ba27bee2223abcbc36431b076f9efd907a302ca2d4071620bc580b9e88f014da450e5175e2ecf18b39753d960490", 0x43}, {&(0x7f0000001b00)="688d25e96e9bb7cd77aafab2fb640c027602815d3732e71964eb8b17c9aa98876444360c84302a14ec5fe37342bc8139a77e3afd0ef9314b7b726244eebddf180776623fef282cbeb7627b0278b3ab830dac41497d4a4be134c45a47582dca410c890e403d19db939910e27330ffcbc18587c5d6277575c26a3af0f8739cb7c8142518cf2316e93989aea1b1727f8dfff1722de705454ba674a8e9affc464fdd4de7b345ad3f346e9213f21c5cec00a7bbab0e28001df84eabfa93283f3e72f0026841a51d606830aec53865d2160ea5eed188f374b27ad8ed0739353537b4ffb6d0eb2b1c046459ba53d4024bd9", 0xee}], 0x7)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000001c80)={0x30002003})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000540)={0x80000000})
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r2, &(0x7f0000001f80)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f0000001d80)={0x70, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xffffffffffffff4c}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x70}, 0x1, 0x0, 0x0, 0x400c090}, 0x40870)
sendmmsg$inet6(r3, &(0x7f0000005ec0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001e00)=[@pktinfo={{0x24, 0x29, 0x32, {@remote}}}], 0x28}}], 0x2, 0x0)
recvmsg$unix(r0, &(0x7f0000000580)={&(0x7f0000000280), 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/253, 0xfd}, {&(0x7f0000000400)=""/146, 0x92}], 0x2, &(0x7f0000001cc0)=ANY=[@ANYBLOB="280000000000000000000000000000003ed736eb5f5dce7410d8c5106a8189b85af515a3af802f9da914747c7a23750f68be63c6e3056ba5105f39b1c6dd7bca82e270367b3539d244445d59", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=<r4=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x48}, 0x2162)
sendmsg$nl_generic(r4, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000680)={&(0x7f0000001e40)=ANY=[@ANYBLOB="74000000301df812ff7f0c0fea4bf869511300020026bd7000fcdbdf250d00000014006e00fe8800000000001d00000000000000014b00930079e33763cb4fb80f4d5072f2929fd5fd523ced074845be7141946bd13bb711e56b4e7cddbe5854766fc21d7ae892cd4fd11bf6556071b68f3e4fcdf855237114bfe23b2c0592443e51ad4f617eb21ca823eb795c0b67ee1ca7f23f83783bd8ae91b6df3ea9d37690b72aca763c79abb5dc3e9c3752a7032819657cbd42a24d59069f875be430674bcb6854386dd1d98e29b269b80500000098d172692bac17a1e69f6189887c56e8fc70f81a63cca4bd3bfad60b1a72e183c1e77a06af7f62959998a0fcb36d2613865f45d115b76f604d6259ce95a7dac8874b9cfe79e1a733710a2f984906ff587045605f2a65f27881e03bab3981d6bd"], 0x74}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000092)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000080))
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f0000000140)=<r5=>0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r6, 0x1, 0x3d, &(0x7f0000000140), 0x8)
sendfile(r3, r6, &(0x7f0000000500)=0x2, 0xe25)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000180)={{{@in=@multicast2, @in=@private=0xa010101, 0x4e24, 0x100, 0x4e21, 0x0, 0x2, 0x10, 0x80, 0x2f, 0x0, r5}, {0x4, 0x1000, 0x2d02, 0x9, 0x2, 0x7, 0x2, 0x4}, {0x2, 0x3, 0x1, 0x1}, 0x0, 0x6e6bb8, 0x2, 0x0, 0x2, 0x2}, {{@in=@rand_addr=0x64010101, 0x4d6, 0x33}, 0x2, @in=@private=0xa010100, 0x3507, 0x4, 0x2, 0x4, 0xffffffff, 0x7, 0xfffffffd}}, 0xe8)

11:21:33 executing program 5:
prctl$PR_MCE_KILL(0x21, 0x0, 0x1)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000240)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, r0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/29, 0x1d}, {&(0x7f0000000300)=""/250, 0xfa}], 0x2, &(0x7f0000000400)=""/227, 0xe3}, 0x0, 0x21, 0x4ede1b20bc24a897, {0x2}}, 0x8)
r3 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x40000000})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fadvise64(r3, 0x2, 0x9, 0x2)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000900000007241f2ba271b7239fe3fba86655e4008468550de2ba9ebec1aaa19c7cb80bbf1b89faf0099959c89ae38db1768d23015977efeece698f2a26c8af460ea2aaf87f7c8f4fb7b4327647dcb8668a6ca64e106224772bbd0b84da5971abd23b2da8d025e7bf8b6837ad29d7f3eddf5f2337a92060d0173b1cb4d60e9ffa5930b3347427", @ANYRES32, @ANYBLOB="05f1baf200b718e915e4e6ec60a88045b77190313fa679b0b0777c5bceed00"])

11:21:33 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 37)

11:21:33 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x2d230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000fee000/0x2000)=nil, 0x2000, 0x13}, 0x9)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:21:33 executing program 4:
r0 = msgget$private(0x0, 0x0)
msgctl$MSG_STAT(r0, 0xb, &(0x7f00000010c0)=""/105)
msgsnd(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000000c6298c064619da2b9dbaa973630ef721aff8cdb03067a91acc257da755b9a399fdc5e993bf69729cf13b26ab84b1b288247402cf90aa6f90acad7d1430bd9ab805b428d611be1f743ea1d8830e901be1b3d8b0bf4d509a2a260e940c680ec4550f488dd2a5922a11c3247c01972ca9fc988930acaebe649ea9f614a984f1d2e2c140700de2523e7ae77be9b9092fc9473fa1567ed6d81b314ea229b0c41aa32bad96da1f523de94ad20d8c3ddfca8c9f6b333feec91eda09ef9f93ff2f32f242eb00478e24b866749cad3aa6e71c8773beda03e1444086da5049f763c9f5eeee2a0a5ae83df82fbdb342fb7c04545beaa8e872664e60fc843333fe67227c"], 0xfa, 0x0)
r1 = epoll_create1(0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="00800000000000002e2966696c4767f6dee9ecf85917106d147139ab20652400bcf85d"])
dup(r2)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080))
pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)="cff1bac472350108440c13e78cbad6fd5898746d782c0f2177ff4d858b7206de26f7cf69178f847bd6dabc4ca39b72d08501cafa92350146adbf35f8370778c83053c15dda67157a08bf34d0b28530367f205c4e22249dc50782404dc84db50b976ba589e4f548a7cc0677f1ff9166ea47681db5c3a0eff99f923e77abcff54098d5e96d0da0d1a7175d872eb3e5eb037f0bd566c92e31bf4c", 0x99}, {&(0x7f0000000200)="430d3003e670478ab8f7437e1b82e315d2f52aeaade27a3ffed99c99f0cf506f67a7eed206882a5307ef431e8ef7d8090ca5c58cda0a758c39ec6390d2c0641ee029c758400ccff3ba7952a0e0280bb857f0b13e881882208ea0972aabba95a2600734323069cd2eb6068d81bc3f4c6b9ced5df756cd2381943f2a0914f30528e207c5d5e0f6943e4b763465f053eef5bf3875183853a6b31f5e63e75da61554c3946dec2408d57db61bf2c8e6b68c81b9fef24f902bd9f88e0dda61a6f319ddb7a9fefd3e392125bc5ad10893bbe3f83fde007eff8add", 0xd7}, {&(0x7f0000000300)="ac6dbe770505aeb21e56b5c2ee43ccbe5544dd840b1f1fde4066c6c9aabe3f4957e28c86915a42404120e672219215728fc1c1165dcfb4a013e5c931ab6a5ccf0c202b9645fbd10760546a2a53732bcf5fc85aaa387d174e3a253419b29abd633c3751843dec1a81fc1df888e94c84", 0x6f}, {&(0x7f0000000380)="482474403820159fce585b9b8a21f4eee494707866ebb59648cffcf8f083d22c804417221f508afb75086b0df272feebc124503ec301b4e20d9e34fa2cb5b29d0bd9049848617f4a5937b30361530d5671503a99469e9628a9df6166109ed09ca642f7f0d2dbb8d0e8c171d2bd4359b660a351a5354698c2404bf04b2d90161e6dbadba5988ea75695b3a79a51cc7c4907e1416f6b46bd2675cff3f4bc73eb83487ac4a8a02082a3587fbd8179cd050303137d432798a771b98727842654c360a2c15744df7376c14042c143b6b33897440263251d69abaa50", 0xd9}], 0x4, 0x7, 0x7fffffff)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

[ 3182.962153] FAULT_INJECTION: forcing a failure.
[ 3182.962153] name failslab, interval 1, probability 0, space 0, times 0
[ 3182.964979] CPU: 0 PID: 85406 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3182.966535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.968394] Call Trace:
[ 3182.968973]  dump_stack+0x107/0x167
[ 3182.969769]  should_fail.cold+0x5/0xa
[ 3182.970605]  ? create_object.isra.0+0x3a/0xa20
[ 3182.971606]  should_failslab+0x5/0x20
[ 3182.972447]  kmem_cache_alloc+0x5b/0x310
[ 3182.973396]  create_object.isra.0+0x3a/0xa20
[ 3182.974360]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3182.975471]  __kmalloc+0x16e/0x390
[ 3182.976262]  p9_fcall_init+0x97/0x290
[ 3182.977103]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 3182.978218]  p9_client_rpc+0x220/0x1370
[ 3182.979133]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.980336]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3182.981510]  ? pipe_poll+0x21b/0x800
[ 3182.982325]  ? p9_fd_close+0x4a0/0x4a0
[ 3182.983172]  ? wait_for_partner+0x3c0/0x3c0
[ 3182.984126]  ? p9_fd_poll+0x1e0/0x2c0
[ 3182.984967]  ? p9_fd_create+0x357/0x4a0
[ 3182.985838]  ? p9_conn_create+0x510/0x510
[ 3182.986739]  ? p9_client_create+0x798/0x1230
[ 3182.987744]  ? kfree+0xd7/0x340
[ 3182.988499]  ? do_raw_spin_unlock+0x4f/0x220
[ 3182.989467]  p9_client_create+0xa76/0x1230
[ 3182.990421]  ? p9_client_flush+0x430/0x430
[ 3182.991379]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.992347]  ? lockdep_init_map_type+0x2c7/0x780
[ 3182.993375]  ? __raw_spin_lock_init+0x36/0x110
[ 3182.994377]  v9fs_session_init+0x1dd/0x1680
[ 3182.995312]  ? lock_release+0x680/0x680
[ 3182.996202]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3182.997255]  ? v9fs_show_options+0x690/0x690
[ 3182.998264]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.999239]  ? kasan_unpoison_shadow+0x33/0x50
[ 3183.000243]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3183.001359]  v9fs_mount+0x79/0x8f0
[ 3183.002164]  ? v9fs_write_inode+0x60/0x60
[ 3183.003103]  legacy_get_tree+0x105/0x220
[ 3183.004008]  vfs_get_tree+0x8e/0x300
[ 3183.004817]  path_mount+0x1429/0x2120
[ 3183.005690]  ? strncpy_from_user+0x9e/0x470
[ 3183.006663]  ? finish_automount+0xa90/0xa90
[ 3183.007601]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3183.008622]  ? _copy_from_user+0xfb/0x1b0
[ 3183.009569]  __x64_sys_mount+0x282/0x300
[ 3183.010449]  ? copy_mnt_ns+0xa00/0xa00
[ 3183.011343]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3183.012499]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3183.013621]  do_syscall_64+0x33/0x40
[ 3183.014479]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3183.015629] RIP: 0033:0x7f01450cdb19
[ 3183.016464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3183.020459] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3183.022140] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3183.023695] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3183.025214] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3183.026762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3183.028324] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:21:33 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {0x0}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:21:33 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:21:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x4682, &(0x7f0000000100)={0x0, 0x58a7, 0x0, 0x3, 0x2d5}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4004, @fd_index=0x4, 0x6, 0x1, 0x4, 0x8}, 0x98a)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x8, 0x60, 0x5, 0x7, 0x0, 0x4, 0x11000, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000000, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x40, 0x1000, 0x8, 0x5, 0x5, 0x7f, 0x8, 0x0, 0x9, 0x0, 0x5}, 0xffffffffffffffff, 0x2, r6, 0x9)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05010400000000000031f62a4340"])

11:21:33 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x68150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3183.195080] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=85713 comm=syz-executor.0
11:21:33 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x2e000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:21:33 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
epoll_pwait(r3, &(0x7f0000000000)=[{}, {}, {}, {}], 0x4, 0xfffffff8, &(0x7f00000000c0)={[0x10001]}, 0x8)

11:21:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="d76b2aeab4a0eb6718000000", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:22:03 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 38)

11:22:03 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x69150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:03 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:22:03 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:22:03 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
sigaltstack(&(0x7f0000fef000/0x2000)=nil, &(0x7f0000000000))
mlock2(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x1)

11:22:03 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x2e230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:03 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = accept4$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f00000000c0)=0x1c, 0x80800)
fcntl$addseals(r2, 0x409, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r4 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x248000)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r8, 0x1, 0x3d, &(0x7f0000000140), 0x8)
dup3(r7, r8, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x5, 0x0, @fd=r3, 0x2, 0x0, 0x0, 0xf, 0x0, {0x1, r9}}, 0xffffff1e)

11:22:03 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x90150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3212.649836] FAULT_INJECTION: forcing a failure.
[ 3212.649836] name failslab, interval 1, probability 0, space 0, times 0
[ 3212.651395] CPU: 1 PID: 86161 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3212.652319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3212.653394] Call Trace:
[ 3212.653748]  dump_stack+0x107/0x167
[ 3212.654232]  should_fail.cold+0x5/0xa
[ 3212.654721]  ? create_object.isra.0+0x3a/0xa20
[ 3212.655312]  should_failslab+0x5/0x20
[ 3212.655805]  kmem_cache_alloc+0x5b/0x310
[ 3212.656355]  create_object.isra.0+0x3a/0xa20
[ 3212.656910]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3212.657564]  __kmalloc+0x16e/0x390
[ 3212.658023]  p9_fcall_init+0x97/0x290
[ 3212.658513]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 3212.659158]  p9_client_rpc+0x220/0x1370
[ 3212.659670]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3212.660355]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3212.661042]  ? pipe_poll+0x21b/0x800
[ 3212.661514]  ? p9_fd_close+0x4a0/0x4a0
[ 3212.662013]  ? wait_for_partner+0x3c0/0x3c0
[ 3212.662557]  ? p9_fd_poll+0x1e0/0x2c0
[ 3212.663046]  ? p9_fd_create+0x357/0x4a0
[ 3212.663567]  ? p9_conn_create+0x510/0x510
[ 3212.664128]  ? p9_client_create+0x798/0x1230
[ 3212.664722]  ? kfree+0xd7/0x340
[ 3212.665149]  ? do_raw_spin_unlock+0x4f/0x220
[ 3212.665707]  p9_client_create+0xa76/0x1230
[ 3212.666248]  ? p9_client_flush+0x430/0x430
[ 3212.666795]  ? trace_hardirqs_on+0x5b/0x180
[ 3212.667374]  ? lockdep_init_map_type+0x2c7/0x780
[ 3212.667980]  ? __raw_spin_lock_init+0x36/0x110
[ 3212.668581]  v9fs_session_init+0x1dd/0x1680
[ 3212.669134]  ? lock_release+0x680/0x680
[ 3212.669644]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3212.670247]  ? v9fs_show_options+0x690/0x690
[ 3212.670813]  ? trace_hardirqs_on+0x5b/0x180
[ 3212.671359]  ? kasan_unpoison_shadow+0x33/0x50
[ 3212.671941]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3212.672597]  v9fs_mount+0x79/0x8f0
[ 3212.673050]  ? v9fs_write_inode+0x60/0x60
[ 3212.673632]  legacy_get_tree+0x105/0x220
[ 3212.674151]  vfs_get_tree+0x8e/0x300
[ 3212.674618]  path_mount+0x1429/0x2120
[ 3212.675104]  ? strncpy_from_user+0x9e/0x470
[ 3212.675641]  ? finish_automount+0xa90/0xa90
[ 3212.676198]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3212.676786]  ? _copy_from_user+0xfb/0x1b0
[ 3212.677312]  __x64_sys_mount+0x282/0x300
[ 3212.677817]  ? copy_mnt_ns+0xa00/0xa00
[ 3212.678308]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3212.678963]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3212.679615]  do_syscall_64+0x33/0x40
[ 3212.680079]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3212.680749] RIP: 0033:0x7f01450cdb19
[ 3212.681219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3212.683543] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3212.684518] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3212.685414] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3212.686293] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3212.687171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3212.688053] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3212.757204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=86175 comm=syz-executor.0
11:22:22 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x2f230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:22:22 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:22:22 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:22:22 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x91150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 39)

11:22:22 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6a150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x141841, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x1, 0x201, 0x0, 0x0, {0xc, 0x0, 0xa}, [@CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x8000}]}]}, 0x20}}, 0x40000)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x42}, @in=@multicast1, 0x4e22, 0x7f, 0x4e23, 0x2, 0x2, 0x0, 0x0, 0x73}, {0x80000000, 0x20, 0x0, 0x6, 0x9026, 0x2d, 0x2, 0x400}, {0x101, 0x4613, 0x100000000, 0x54191306}, 0x0, 0x6e6bc0}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d4, 0x7e303f2e9b72a5ab}, 0xa, @in6=@empty, 0x34ff, 0x3, 0x2, 0x80, 0xffff8d31, 0x4, 0x401}}, 0xe8)

[ 3231.637998] FAULT_INJECTION: forcing a failure.
[ 3231.637998] name failslab, interval 1, probability 0, space 0, times 0
[ 3231.640465] CPU: 1 PID: 86582 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3231.641935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3231.643689] Call Trace:
[ 3231.644259]  dump_stack+0x107/0x167
[ 3231.645046]  should_fail.cold+0x5/0xa
[ 3231.645865]  ? create_object.isra.0+0x3a/0xa20
[ 3231.646837]  should_failslab+0x5/0x20
[ 3231.647650]  kmem_cache_alloc+0x5b/0x310
[ 3231.648541]  create_object.isra.0+0x3a/0xa20
[ 3231.649481]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3231.650575]  __kmalloc+0x16e/0x390
[ 3231.651338]  p9_fcall_init+0x97/0x290
[ 3231.652156]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 3231.653263]  p9_client_rpc+0x220/0x1370
[ 3231.654104]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3231.655225]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3231.656357]  ? pipe_poll+0x21b/0x800
[ 3231.657161]  ? p9_fd_close+0x4a0/0x4a0
[ 3231.657990]  ? wait_for_partner+0x3c0/0x3c0
[ 3231.658910]  ? p9_fd_poll+0x1e0/0x2c0
[ 3231.659724]  ? p9_fd_create+0x357/0x4a0
[ 3231.660586]  ? p9_conn_create+0x510/0x510
[ 3231.661463]  ? p9_client_create+0x798/0x1230
[ 3231.662393]  ? kfree+0xd7/0x340
[ 3231.663153]  ? do_raw_spin_unlock+0x4f/0x220
[ 3231.664097]  p9_client_create+0xa76/0x1230
[ 3231.665020]  ? p9_client_flush+0x430/0x430
[ 3231.665913]  ? trace_hardirqs_on+0x5b/0x180
[ 3231.666834]  ? lockdep_init_map_type+0x2c7/0x780
[ 3231.667841]  ? __raw_spin_lock_init+0x36/0x110
[ 3231.668843]  v9fs_session_init+0x1dd/0x1680
[ 3231.669762]  ? lock_release+0x680/0x680
[ 3231.670618]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3231.671639]  ? v9fs_show_options+0x690/0x690
[ 3231.672593]  ? trace_hardirqs_on+0x5b/0x180
[ 3231.673511]  ? kasan_unpoison_shadow+0x33/0x50
[ 3231.674482]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3231.675558]  v9fs_mount+0x79/0x8f0
[ 3231.676316]  ? v9fs_write_inode+0x60/0x60
[ 3231.677217]  legacy_get_tree+0x105/0x220
[ 3231.678086]  vfs_get_tree+0x8e/0x300
[ 3231.678873]  path_mount+0x1429/0x2120
[ 3231.679693]  ? strncpy_from_user+0x9e/0x470
[ 3231.680616]  ? finish_automount+0xa90/0xa90
[ 3231.680944] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=86590 comm=syz-executor.0
[ 3231.681527]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3231.681548]  ? _copy_from_user+0xfb/0x1b0
[ 3231.681571]  __x64_sys_mount+0x282/0x300
[ 3231.681587]  ? copy_mnt_ns+0xa00/0xa00
[ 3231.681608]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3231.681625]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3231.681644]  do_syscall_64+0x33/0x40
[ 3231.681661]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3231.681673] RIP: 0033:0x7f01450cdb19
[ 3231.681699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3231.697112] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3231.698746] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3231.700255] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3231.701765] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3231.703270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3231.704779] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:22:22 executing program 5:
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0xc1, 0x0, 0x0, 0x51, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7fff}, 0x8, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="14000084b55bbea8c2d1f0690661003000210c00a736b4815589a92e01dbbcd498713334deda313a466f6c5899b8806351ca923a8dec00f406725157df4260996888d8380d17080965e8fb394dbde7804ea3d11738235c300b7f2c53e38144be31cf5f72379d81386b9ebdc30103e0d189a63345d78454a66fe994259941ab0a70566bf3113e98351e38dc5526cdeebc4b7c5914"], 0x14}}, 0x0)
perf_event_open(&(0x7f0000001480)={0x3, 0x80, 0x9, 0x9, 0x85, 0x78, 0x0, 0x4, 0x40708, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0x20, 0x1000}, 0x0, 0x9, 0x4, 0x4, 0x65, 0x3, 0x8, 0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, r3, 0x1)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x810, r1, 0x8000000)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000300)={0x0, <r5=>0x0, "1d6ab30d1b0fce0a250c548c198eb9274a4a2417c4e4787f574c0338707ada47203f5e01bc865fb110e95c09753ae17d63c5d62b409cb803000000000000005254c3897a62aaa69c8b9fdf7ef62e63bc0a2ed46e1e2faefdf0b62c7a40e9d51811d4504b6c0b51744a647fd384ff8396b2afd8768bd704bcd386a4234bb10aba058565b97040a0fccfabf4c178c526a1d53c92f8a77ab1ab49b8a75deca6a0b58e9d2998e030fd6a63508e91540f18188814a32872e47ee935492b172c90f2693d4cb3c4d9a1277c1f86c0278ba59138fd366b4d02cef431dec8ef5f7aa017f82d5575b0f93b7fc4cb9c42fad9a8065c6171013629d5773379106e184a187bbb", "d80e216168b53ffff6722e0568df0e0dc291e73b3d501591559bb78a4ae142a9eab7f4b3e4cb76c47fe33b8f89a339cd27102c6452285bac2b933c750e5d62ed3da2c89734d513568ecc0420091fba693934eda7e06ea41f69f0116b316da08389eff3fe8920d28196d24c40b56c7fd5602b976fbfbf98c688008682aa2cd028c013b9b5b25e3264b52a2fe18a852d735c6f4e7db997088a97af5b16851aae4aac78836956fc4166ab3b1db9341d3956adac8aa0fe573e295ed72cfb5df393902034ae7df1ae1b9a2f0e11e9e4f93711468e130c411d6f240d1673087bbaee1739ee534166760174a431c925d75ea39f289edf6034559217a24b0178837fc346cd50bc0fe35d762fddd0753125ba628ff4dd3b2cd4f6983701ab3b2403e0d8d5fe477c8b87afb9457d48d425d00bd2c6d949d6769717d0b692063ae955ab49d4e34a47bedb9ae2af7ad47f7313430e05d4f5fdad873f0f015c791d323d74d3c8844802f7ccedc33138f8aa39b67c92b8486d687255d6240af210ad9461f5ca8191e68a497fa91ca23cc3e104e57002fb685dcbeaf107f6d5d9929781364d0ea7d60615eb0858778780c5f21721b3ee1d68db26805a0d28bca6951036ca086e85c2b9fdfeea63d711ae5e5bc3ad0ccc091bf8386a5078533fe5e018cbef6a5ff082872e10dbed11309cd23d15deb84ce7bfb49ffe8b1f1d5e614ad17fb475873b7f599b49c385e3236cb16419019723ecb8b2cea5442c887b5b6dc3de6f716e27699604b84b5bb6c0c3a73d7321394c25d7cd3bae694f9e19c01e60cd52258083bf15c99b41345aca903b0c974bc7ac80feb9c17a38ec09fbfa93503ad435f5e614f5566563c63f06738a7f86124b8296596b834048e27f18ccf082f41bf9257c703c214d3dcc9aa3ee2da037379bc2f292bd4bdd71db5547367838ef62475e409e31f400c0055e85a2ddb3a1a1f0b648dcc3adf659ad78e07892312385c236770d5bdab0a12c8ebf8ef3d5c6a24adeceb05a28bdbe832a601235e005ef7e358c1cd5adebc983dd096915c1a2511cdebb5fd005e8a7e477a9dff7e9c22f8d02f95f421df5facd85c99a7e04059deecb35e70af99aa102ae41fa99acc10d95284420672fc05460c7b88a6c57a7d8a783b4b67da245d5ba7fc3d736b0b82e0f5186142b0ea2246bc3434a8a43372cf5c5a8229e75fef1d34bfc1691b390160e0d7ad0bac8a5d7ae1be6cb6fc575f537c5eac34f222a5cfcfe41b1afaf8267ea2181ddd5f70aef0228fc60a0155200edbfffc647b2b8650e832daa2917f6e2806fa63dda7b2678538ad01cb6ec4c33704d32369cde7c3fd006bafec010f11574b83b91dfbb7ae31cdeb1d822cbe8a0177b7ee475cd2f86c53781d03c8736bb6dcb6fb53ba3a866da256624f339c576f2799deae8c09ff3bf59b69b0096f8f05fc4b4c175bb0d411e6cf76fd20e0b761daa6bd585c3780323892b5eaab4ce0e0b738deee508e3fe79145c9f565c5aced99e433c59d27f39a79fad99a23846123897053be58d7e32e7eb1b96144b8e717af6103ab3299ac141ca258e1c0af8adb4314501bee83983d4f7b8ae7aabb5273afbc62c9f600dd2602a76548e4e34e7635f2e80c8076d8512bcc1e8ee23d0bcb310f94e1983605a8e1ce81ac06e677880717f148fe2f4ecbfd81368b6c162be8f006e5ffe55b413814f84636cf1c082295661288c0142427fd67a457d46223d980b11a7151f045c6335aaa15b17e6e1c594ebbb05c30bfb216926af7073bed17d5f5e2d00191583bc225cde5ce39b0dd53218cfdee881a45144fb944fa238e9a7a8a0786f6c15bbb9fee48aa1f693cdad94b7c7af3665a491e3181f33705619ecd924e817a2c76628d926917f5c4cd80366bb19e9449b0316b009c25b458962f0f3f7d641cd3462a991cb1280d77b1b7474565358a92467460b64a39222a7e778e9194ffb598a3b3216f2515b3cb84a4f7e1b2d5b60b46d9919b4e3ab3627dc6a1815ac230ddd2805d693f898a751e00e3924255cbca8cc1ed166735ef89a5d3d28931e8a8ed3c738bbeea41c47d871cc09d12827a32c622e681af428e1e7f747131ab14ab75e3e41c08729f400ad0c5e19e8e79e200e06855f954bb6ad17d4a1c55b326dbd28197e4e134fc667563f41239c38a92791690e8c3e12caa9160b5b0768b4ad5b2851aa0c43bba540b8ada2e2397f33ea50319a6bd707568996ab482c792d95dfbc2bdb13b355a66a2bc3e55c8e608bbf09a18c8efd1acb45d23e52a150a4da88375b5ccd4c0a595336e926a5b56d924e0f52cea1009d218b4e98c5df49dc17d0ac48f172690e586130b25a06d8ff58de5703508eb648adb50b92e993ba74ffdb995c0d46b2571cf2495f737054fa39a140c414206da8442719cbd71e73d74ef67dea96435f837d57a64e8f822a5106c311a8bef06a6950d16e126c9235708935758d8ca5bda9425dc84b567594e2b9b83d71fb03a9764cc5bc601d5867026bff7a9c226e7a56b91e25974620daea1561aae7f292b6ca112925e540af839b8d5d3a13b893f0ab048b2b4062bc30f5b6f09da8272551c001c87d50b8b38a4e9e3746b366450c321e3c6b5c4034e77ef0a0dbde9402c224c9653ca92343898f79a043c5c4e86d5afd6653a7716a702f8c5b2d899f57619bac913cdd91c71d25daa70ac851b32ba294b559fb2d7da6f9127c743e2b0a919d7eaf7b1d8c7feeefa11f457fdd762036a4f98e0ff8a4ada4b99bdeb00c16090d9ca6543a526b4795c86e04ea55df33ed80bf428d402d72cb80735ec4f5fae7f2a5243e1e38a8d225aa91ff43beb142c5a6081bbe9088c090d03ea20fa7408869e0693933636c21b7f096e142478efb411e9da5ca9a417dc4be13cb986e89e1d94f547c63c0da3f6479e929e3a3e137d211e99af1ee11d8ab3fbabf687cd387188ceb8272537d6e7aad142edf68af4f46c1afd5dc69a19b286ead3ecc13fc91c3e036110c219b67553c19ba5a2ca752888b1fa47eccc07c33b60a0a525203fb38041472aeafd91e1e8ab5acd895e31306dc643edec0cb47510f2ad9a53329ba812b2a61a227a6ab3bd8cfa75051df5f3708aa7260791bdf7aaeabc0d20edb90eb7b7738e0b14948872df1f63b7d59216261d28f7bdf08d9d9e4d7c1d28b567d5579ce57086d8a09899c2dbc4f365e083f54d6d7992510a82a04029450d275f9ef7bb29b05524bfcc06c699ab0565a98a55b2ac9ada4b8675b58315af562b437406937697ce90d18ccbb3cfe61dcce0c5f30f5a20be6eb2b46288a91e8d30e4b87a480fb0784238162e0b5484c0d397dca765536d9e8e8602733ea8529e211269c0b7e10f235d0a30728e94a603a8d534be106ce582dfc867cb6e701adece27263b2b004e52e505c0a90f01ec2e542aeffc33054d56bdfcfd40e285dd4fde7a315cf59b4f7924a19e68856dd3feb405bd8be9787a1d70e259cdcb4ad3b531303289d455396a403aa581bf27085bb7b368e52cf1fa94a2179d5e25a7b9692dff5cef39db02143fd2db380efa01285b7f8110ad2c9858613831c05116be859c8fc87eecff3631814ff49494a8172c6f3ab9ee909c194a9ffefb65b4a1aa6c75f68344bb0641b19eb4d2fc95d1bb0d496a2b7ffacc4aaa95bd999401900f35cc3c0b1846f14dbb4b811d6d728ce509915d3f190bf3e8c8f45b452a082c4ef8d96a35d34af8999450a9f51bd142dcdb8de53443ab049aa33b295621af482b8ea1b67a39f5e698f326d60ff66e0caa58e23b5834c4ca2f3f706fb9bc450599a956d5a3beb46a2a853d95a7ce93d07c5834c2e65c4a4361e982e738893c722f03c7c033c0fd0a3a93d3e6462b5970edae3a59c8e4842c32056203660632544c288b7b43aa2c57dce836940038b8f321079a6e6d132327c70ed8a4e3cdd5994d43b3f39243c6c75f02b324f5cecad61bcc7b9000431612f6d7ef88eaef50a1c904d57df271521e973ddf2861ca851859700e8c1c907db2c4324f2c432078a2fa70752eb1b8557b43134b3e575c6fc693752640315875b0939eb5ce215d96c78a1c593054ea42bc590d78c0520bb3a331b49253bfe88fd5d2d51ac65f88218099082ef1fbc7ba32d32b74b7f509f19565e87f77b98984269507a5eb3888af7c89db3d9aa5903475327177968db510d9c67d41237d19021208b90b3008d676e66ead7a9e839e3d4966bef3c359c71de285c7e8fc7e542dd29d1a5c3bb1a49b744fabd55084f3f4d27f170b22ac75181e72a0436b7776af69be8ae523d4f2ce86330f81dbbb52be7290ebb0670d692bb997f149718f8bbc30d4cff51ce2c1099e9b5d0cbe29d4985f8d4712950aaa0658fd80c83e632f634ca339456c8697723e71876f5b6b567b8fd6f4051a54521a79db55f0063f6ee4edc3b45b8cfea8631e5c3004eecf2e47bbf214eeaa62c605ade3f957131ef5765bf6e90c742616bd6e1fa7ab25a87aeec1976189fdc2f559ec9de2625a71e68404ed68e91e4bf699f0cb22247a8ff08ad1d1e088b358ab0594762b386cb3a1942d4e36ccbcb085e15fd2afe77706c801abb66952f05bda1943c1fc92aed22ea2c7fc91e849f5090f4961278e6326743ab6c5b3e05c321fb135cd21e72d9549be2401ef86b4eef17ab1b7d975f71a2be0d9feec108cf268c33aee77c26827f596205c23c2e8f039db5acd5fc17d327c95f6c4b8a63b384c41f73cc5a6d592adf0da54ef4a78ab4cfe528178fc0be88f774034d9dd55a53f9aa3360be5cc7e9e8e328eaf98e8e829fb67bd9f59924a062633f086d9514bb98e8eeac7c00531e5414e83e1adc999b367dea2c977498461040d99d6117e4eab3f16de1e23c7b6262da2f3d68ddd1e3ba8545d03011402c761d72828a7306abbcd2d75e17265d305b11e7087beba10ef629fb0df5b9d46f66ded2ab6f72ec87439131464f3975f86ade470d13fb2887d5aa24bf0fe9e769c6175f37149dd43e69e7521e09f37ecba9adfce6b9f18e4d18c4b10facc8cbdc9cef0a579861479ffcb412f090cf3002c3de992fa2c1963695f21e8691655f6554efcdf4fe71cb01e1c5112a65c4fd1605f231110e467efc3b0919302262bc997707fe16011f6fdc35b70f2d4e4638297f925cb1a0da24863c5dda2c7e7a11f2d012f2e3f06a65213e39368f710e91e06370af3f593cc22555819dbf775e9e9da34ce859676b863901c655f7b07da68f7bdb746df42a815b0e9a0ae4d699f1e21a5f49708f0d22f38b583ba5d194072f7b5259b83b595e8ddca195d7ad031841ac1a3335f321170169d568907e27a82cd5254d6373b1d3575d248babf8aac024e583545facef2b7e269e894be4b60750a914eeedc8f95c3ddd75997566b2f38678c7cc0472ef7c"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000000180)={{r5, 0x8, 0x569, 0x7, 0x7, 0x2, 0x0, 0x4, 0x6, 0x4577, 0x1ff, 0x4, 0xfff, 0x100000000, 0xabc}, 0x28, [0x0, 0x0, 0x0, 0x0, 0x0]})
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000, 0x6, &(0x7f0000fef000/0x1000)=nil)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x3705ef11, 0xffff, 0x5)
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240), 0x400040, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000001300)={0xfffffff9, 0x9, 0x2d, 0x7, 0x9})
syz_io_uring_setup(0x3f82, &(0x7f0000001340)={0x0, 0x1f7a, 0x4, 0x1, 0x220, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000013c0), &(0x7f0000001400)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r7, &(0x7f0000001440)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0xfda)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05a3df0643a9d81398de6fed82000000ba954d2bfd635d4693f2198cbc402dcd9f75c10bffd19961fdf6189c73b367aeb329728e543bb6736b4cfb8e83b582ef87d43c804a5074ec6e40758acb"])

11:22:22 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x30230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x92150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000200), 0x40244, 0x0)
r3 = epoll_create1(0x0)
r4 = fspick(0xffffffffffffff9c, &(0x7f0000002700)='./file0\x00', 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000002740)={0x30000000})
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000025c0), 0x48040, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
sendmsg$nl_generic(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000026c0)=ANY=[@ANYBLOB="140000003000210c40000000000000000016575df51fa13628c1dbae000000"], 0x14}}, 0x2000c815)
r8 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000002640), 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r7, 0xc0189376, &(0x7f0000002680)=ANY=[@ANYBLOB="010000000100000018000800", @ANYRES32=r8, @ANYBLOB="04000000000000002e2f66696c653000"])
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r5, &(0x7f0000002600)={0x20000000})
syz_io_uring_setup(0x31f6, &(0x7f00000000c0)={0x0, 0x377d, 0x4, 0x3, 0x193, 0x0, r1}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(0x0, r9, &(0x7f0000002580)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, r1, 0x0, &(0x7f0000002540)={&(0x7f0000000180)=@hci, 0x80, &(0x7f0000002480)=[{&(0x7f0000000200)}, {&(0x7f0000000240)=""/210, 0xd2}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/30, 0x1e}, {&(0x7f0000001380)=""/90, 0x5a}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/106, 0x6a}], 0x7, &(0x7f0000002500)=""/25, 0x19}, 0x0, 0x40000001}, 0x8000)

11:22:22 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000080)={{}, {@void, @max}})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup2(r1, r1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000)=0x143, 0x5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x800004, 0x50, r2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:22:22 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6b150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x31230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:22 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 40)

[ 3232.192227] FAULT_INJECTION: forcing a failure.
[ 3232.192227] name failslab, interval 1, probability 0, space 0, times 0
[ 3232.195318] CPU: 1 PID: 87356 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3232.196983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3232.198981] Call Trace:
[ 3232.199636]  dump_stack+0x107/0x167
[ 3232.200531]  should_fail.cold+0x5/0xa
[ 3232.201471]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3232.202868]  should_failslab+0x5/0x20
[ 3232.203786]  kmem_cache_alloc+0x5b/0x310
[ 3232.204877]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3232.206227]  idr_get_free+0x4b5/0x8f0
[ 3232.207179]  idr_alloc_u32+0x170/0x2d0
[ 3232.208140]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3232.209341]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3232.210629]  ? lock_release+0x680/0x680
[ 3232.211593]  idr_alloc+0xc2/0x130
[ 3232.212450]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3232.213424]  ? rwlock_bug.part.0+0x90/0x90
[ 3232.214440]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3232.215702]  p9_client_rpc+0x220/0x1370
[ 3232.216684]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.217937]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3232.219220]  ? pipe_poll+0x21b/0x800
[ 3232.220106]  ? p9_fd_close+0x4a0/0x4a0
[ 3232.221214]  ? wait_for_partner+0x3c0/0x3c0
[ 3232.222367]  ? p9_fd_poll+0x1e0/0x2c0
[ 3232.223391]  ? p9_fd_create+0x357/0x4a0
[ 3232.224472]  ? p9_conn_create+0x510/0x510
[ 3232.225521]  ? p9_client_create+0x798/0x1230
[ 3232.226533]  ? kfree+0xd7/0x340
[ 3232.227291]  ? do_raw_spin_unlock+0x4f/0x220
[ 3232.228318]  p9_client_create+0xa76/0x1230
[ 3232.229309]  ? p9_client_flush+0x430/0x430
[ 3232.230289]  ? trace_hardirqs_on+0x5b/0x180
[ 3232.231300]  ? lockdep_init_map_type+0x2c7/0x780
[ 3232.232406]  ? __raw_spin_lock_init+0x36/0x110
[ 3232.233485]  v9fs_session_init+0x1dd/0x1680
[ 3232.234491]  ? lock_release+0x680/0x680
[ 3232.235440]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3232.236628]  ? v9fs_show_options+0x690/0x690
[ 3232.237692]  ? trace_hardirqs_on+0x5b/0x180
[ 3232.238898]  ? kasan_unpoison_shadow+0x33/0x50
[ 3232.240166]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3232.241586]  v9fs_mount+0x79/0x8f0
[ 3232.242569]  ? v9fs_write_inode+0x60/0x60
[ 3232.243698]  legacy_get_tree+0x105/0x220
[ 3232.244813]  vfs_get_tree+0x8e/0x300
[ 3232.245792]  path_mount+0x1429/0x2120
[ 3232.246816]  ? strncpy_from_user+0x9e/0x470
[ 3232.247918]  ? finish_automount+0xa90/0xa90
[ 3232.248983]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3232.250040]  ? _copy_from_user+0xfb/0x1b0
[ 3232.251008]  __x64_sys_mount+0x282/0x300
[ 3232.251943]  ? copy_mnt_ns+0xa00/0xa00
[ 3232.252868]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.254073]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3232.255322]  do_syscall_64+0x33/0x40
[ 3232.256192]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3232.257394] RIP: 0033:0x7f01450cdb19
[ 3232.258259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3232.262535] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3232.264295] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3232.265962] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3232.267629] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3232.269285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3232.270925] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:22:39 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x40010, r1, 0x10000000)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000000c0)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd=r1, 0x8, {0x0, r0}, 0x2, 0xa, 0x0, {0x0, 0x0, r3}}, 0x9)

11:22:39 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:22:39 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:22:39 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:22:39 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6c000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:39 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x32230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:39 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 41)

11:22:39 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x93150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3249.344917] FAULT_INJECTION: forcing a failure.
[ 3249.344917] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.347383] CPU: 1 PID: 87537 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3249.349100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.350958] Call Trace:
[ 3249.351572]  dump_stack+0x107/0x167
[ 3249.352545]  should_fail.cold+0x5/0xa
[ 3249.353501]  ? create_object.isra.0+0x3a/0xa20
[ 3249.354623]  should_failslab+0x5/0x20
[ 3249.355566]  kmem_cache_alloc+0x5b/0x310
[ 3249.356585]  create_object.isra.0+0x3a/0xa20
[ 3249.357663]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3249.358762]  kmem_cache_alloc+0x159/0x310
[ 3249.359679]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3249.361124]  idr_get_free+0x4b5/0x8f0
[ 3249.361987]  idr_alloc_u32+0x170/0x2d0
[ 3249.362992]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3249.364028]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3249.365397]  ? lock_release+0x680/0x680
[ 3249.366224]  idr_alloc+0xc2/0x130
[ 3249.367098]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3249.367941]  ? rwlock_bug.part.0+0x90/0x90
[ 3249.369039]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3249.370158]  p9_client_rpc+0x220/0x1370
[ 3249.371174]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.372373]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3249.373742]  ? pipe_poll+0x21b/0x800
[ 3249.374703]  ? p9_fd_close+0x4a0/0x4a0
[ 3249.375499]  ? wait_for_partner+0x3c0/0x3c0
[ 3249.376623]  ? p9_fd_poll+0x1e0/0x2c0
[ 3249.377628]  ? p9_fd_create+0x357/0x4a0
[ 3249.378450]  ? p9_conn_create+0x510/0x510
[ 3249.379507]  ? p9_client_create+0x798/0x1230
[ 3249.380403]  ? kfree+0xd7/0x340
[ 3249.381244]  ? do_raw_spin_unlock+0x4f/0x220
[ 3249.382398]  p9_client_create+0xa76/0x1230
[ 3249.383733]  ? p9_client_flush+0x430/0x430
[ 3249.384680]  ? trace_hardirqs_on+0x5b/0x180
[ 3249.385567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=87551 comm=syz-executor.0
[ 3249.385793]  ? lockdep_init_map_type+0x2c7/0x780
[ 3249.390076]  ? __raw_spin_lock_init+0x36/0x110
[ 3249.391015]  v9fs_session_init+0x1dd/0x1680
[ 3249.392113]  ? lock_release+0x680/0x680
[ 3249.393017]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3249.394254]  ? v9fs_show_options+0x690/0x690
[ 3249.395260]  ? trace_hardirqs_on+0x5b/0x180
[ 3249.396357]  ? kasan_unpoison_shadow+0x33/0x50
[ 3249.397386]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3249.398417]  v9fs_mount+0x79/0x8f0
[ 3249.399324]  ? v9fs_write_inode+0x60/0x60
[ 3249.400180]  legacy_get_tree+0x105/0x220
[ 3249.401228]  vfs_get_tree+0x8e/0x300
[ 3249.402197]  path_mount+0x1429/0x2120
[ 3249.403175]  ? strncpy_from_user+0x9e/0x470
[ 3249.404038]  ? finish_automount+0xa90/0xa90
[ 3249.405159]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3249.406073]  ? _copy_from_user+0xfb/0x1b0
[ 3249.406891]  __x64_sys_mount+0x282/0x300
[ 3249.407679]  ? copy_mnt_ns+0xa00/0xa00
[ 3249.408605]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.409816]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.410933]  do_syscall_64+0x33/0x40
[ 3249.411739]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.412852] RIP: 0033:0x7f01450cdb19
[ 3249.413668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.417611] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3249.419267] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3249.420844] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3249.422429] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3249.423988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3249.425553] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:22:40 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="25b3e51a0000696c65c6e80000000000000000"])

11:22:40 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x33230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:40 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:22:40 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x94150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:40 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 42)

11:22:40 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6c150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3249.829962] FAULT_INJECTION: forcing a failure.
[ 3249.829962] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.832773] CPU: 1 PID: 88041 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3249.834212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.836151] Call Trace:
[ 3249.836661]  dump_stack+0x107/0x167
[ 3249.837531]  should_fail.cold+0x5/0xa
[ 3249.838266]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3249.839360]  should_failslab+0x5/0x20
[ 3249.840090]  kmem_cache_alloc+0x5b/0x310
[ 3249.840916]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3249.842008]  idr_get_free+0x4b5/0x8f0
[ 3249.842762]  idr_alloc_u32+0x170/0x2d0
[ 3249.843514]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3249.844502]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3249.845774]  ? lock_release+0x680/0x680
[ 3249.846611]  idr_alloc+0xc2/0x130
[ 3249.847265]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3249.848204]  ? rwlock_bug.part.0+0x90/0x90
[ 3249.849135]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3249.850152]  p9_client_rpc+0x220/0x1370
[ 3249.850922]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.851938]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3249.853110]  ? pipe_poll+0x21b/0x800
[ 3249.853832]  ? p9_fd_close+0x4a0/0x4a0
[ 3249.854580]  ? wait_for_partner+0x3c0/0x3c0
[ 3249.855397]  ? p9_fd_poll+0x1e0/0x2c0
[ 3249.856149]  ? p9_fd_create+0x357/0x4a0
[ 3249.856941]  ? p9_conn_create+0x510/0x510
[ 3249.857723]  ? p9_client_create+0x798/0x1230
[ 3249.858566]  ? kfree+0xd7/0x340
[ 3249.859199]  ? do_raw_spin_unlock+0x4f/0x220
[ 3249.860032]  p9_client_create+0xa76/0x1230
[ 3249.860892]  ? p9_client_flush+0x430/0x430
[ 3249.861704]  ? trace_hardirqs_on+0x5b/0x180
[ 3249.862528]  ? lockdep_init_map_type+0x2c7/0x780
[ 3249.863429]  ? __raw_spin_lock_init+0x36/0x110
[ 3249.864301]  v9fs_session_init+0x1dd/0x1680
[ 3249.865139]  ? lock_release+0x680/0x680
[ 3249.865909]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3249.866831]  ? v9fs_show_options+0x690/0x690
[ 3249.867667]  ? trace_hardirqs_on+0x5b/0x180
[ 3249.868495]  ? kasan_unpoison_shadow+0x33/0x50
[ 3249.869380]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3249.870317]  v9fs_mount+0x79/0x8f0
[ 3249.870971]  ? v9fs_write_inode+0x60/0x60
[ 3249.871729]  legacy_get_tree+0x105/0x220
[ 3249.872483]  vfs_get_tree+0x8e/0x300
[ 3249.873200]  path_mount+0x1429/0x2120
[ 3249.873952]  ? strncpy_from_user+0x9e/0x470
[ 3249.874741]  ? finish_automount+0xa90/0xa90
[ 3249.875536]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3249.876393]  ? _copy_from_user+0xfb/0x1b0
[ 3249.877210]  __x64_sys_mount+0x282/0x300
[ 3249.877971]  ? copy_mnt_ns+0xa00/0xa00
[ 3249.878699]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.879662]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.880608]  do_syscall_64+0x33/0x40
[ 3249.881324]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.882260] RIP: 0033:0x7f01450cdb19
[ 3249.882979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.886375] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3249.887997] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3249.889352] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3249.890672] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3249.891964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3249.893291] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:22:40 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:22:40 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
dup3(r2, r3, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:22:40 executing program 5:
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x8000000)
r5 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r9 = syz_open_dev$hiddev(&(0x7f0000000080), 0x1, 0x400000)
r10 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r11=>0x0, &(0x7f0000000100)=<r12=>0x0)
r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0)
syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r13}}, 0x0)
syz_io_uring_submit(r4, r7, &(0x7f00000000c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r9, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r13}}, 0x7f)
syz_io_uring_submit(0x0, r2, 0x0, 0x7)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="050000e854c8f997700666852a0000000000172f66696c65307d850500"])

11:23:00 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 43)

11:23:00 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x34230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:00 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x95150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:00 executing program 5:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom1\x00', 0x802, 0x0)
read(r0, &(0x7f0000000080)=""/4096, 0x1000)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000001140)={<r1=>r0, 0xfffffffffffffffe, 0x3, 0x8})
perf_event_open$cgroup(&(0x7f00000010c0)={0x0, 0x80, 0x1, 0x0, 0x3, 0x4, 0x0, 0x7fffffff, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1000, 0x0, @perf_bp={&(0x7f0000001080)}, 0x80, 0x2, 0x6, 0x1, 0x5, 0x8000, 0x7, 0x0, 0x40}, 0xffffffffffffffff, 0xa, r1, 0xe)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:23:01 executing program 4:
r0 = epoll_create1(0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x10000009})
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000080))
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = fork()
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000240)=<r6=>0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000700)=<r7=>0x0)
r8 = getpgrp(0x0)
clone3(&(0x7f0000000780)={0x40000000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), {0x31}, &(0x7f0000000580)=""/184, 0xb8, &(0x7f0000000640)=""/132, &(0x7f0000000740)=[r5, r6, 0xffffffffffffffff, 0xffffffffffffffff, r7, 0xffffffffffffffff, r8, 0xffffffffffffffff], 0x8, {r4}}, 0x58)
fcntl$dupfd(r4, 0x0, r4)
sendmsg$nl_generic(r4, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000800)={0x508, 0x2b, 0x200, 0x70bd2c, 0x25dfdbff, {0xf}, [@nested={0x2c1, 0x49, 0x0, 0x1, [@generic="7dc3a3e7dbb38eec9dbbafbe80d0b2e73c146c64b2b8b94e8b25ebd27a4b4f0db694d980b4278c953c24d7d71b7b974d2169d3a3fb88bcc84c412c44f41b9254c80941f52499bca9eea9ee41744d5e16ee3b1082a61a1467e1c83d796dbda59e6e455a5f6526c33c1f10fb32744768db69dce7ff59364fa7215e1237d2afb28c8f0cbd0b5beff974dce62c86c4b9e150bee10f19d913ac31536b81a78942aad0f70dda15151fb4eba9937e1e3447043a9240c31ce0acf457791550c4ae608153587d1a4c5b9f63440ce6894f2b9457fdea9ab428f484a3418a6f9d441725285dfef52474246091763a1f1f3676843798a059", @generic="6277531275957b69a612f5b1590ed16e0778793b4112e95798617302386809d47575e5141a94c0b362aa18e018d4ecd112da337d3f178a176960c4d5", @typed={0x4, 0x72}, @generic="6cec86b1ceffb0c15c56a9d7a17db67c5484d5841c4421f9e1b3baa76f3f81ffef53b14ebfc01cb820c4eb9d7c86d6546ec0260190e39935fad379c50f0b2594d0f840fbc4bf57ebdc476c93f530b9c52e4495ce93b1cdc4062f81f12f2f1bfcd1f4078bf55b4acf5ddc9898f263ca6fde5dd6454911198554c51e3e33d9d42d21d1991671be239e2c69", @generic="cae844cc76405fa0de4f6da05ed721faf503f3572e86b9593ae56d70de051ee57984e74120ffef68df64966c504b3dc3cd002fbb1cf9dc134b3df61c92e61321c487cec6eedbbb91989acda13f601adfdc8052e0e45209b57832f83810e3b9850ad685f150d9c131619b625e8d964a5270141905d0913685dabc948192eab291341f32cefdff5a9dba084e64003e848a2f6a543803425554cf2c5d0e4e176d5f288d0d24da252c9a0fced34df9459fc5081b13794698417d2731bb9ecd77744eccd371d5fc3d351656131ff51e3d902cb1d9a86e1c850a1bf1c8bbff16b2270b4497fdc40e6dd6489bf9b914b83cfdbeb6a0ea7fd9904a8db1", @typed={0x8, 0x91, 0x0, 0x0, @str='^}}\x00'}]}, @generic="22dc72fe", @nested={0x95, 0x4, 0x0, 0x1, [@typed={0x14, 0x62, 0x0, 0x0, @ipv6=@empty}, @typed={0x75, 0x5, 0x0, 0x0, @binary="1ba3a8bb9de4d0ec73b938ef2619cb638843a3e5b7070442ec25f131b50182cadd6cc9629a7d743f54884cea438bccb81d8b65c8e1cb45d0c8b59b593b1de39380fa0528533ad7176879a19f3321cdb4243a635f913a08ba5681572b0fe46f738c93a536047438ded09cb4395eaaac165d"}, @generic="6720d0f03d"]}, @generic="35dac4ab5129da585a110538fe11d9789ed86fb357cd6620cc7ada68e6ee7455077e31813dfe975bcdcc7abb39aef92548df4dea047ccdeee5fa95434d059405a41c69e3909d02ca6da59da6da30d41b6b02712695ae37c9c73505244496863cb3385477d2d1b2e1ef6dee585ec7da5de8ba2a1ae972c299f36ccd9a13ee8b8f3b9c91ebafbde72f86ebccd3cd3a7e92a274dfb033982fa70444587bf83e76746262dcda914e6f574f74b32cb99a7d0ea3f98dd1fc394122540815c0d3cacddd449c1a9a439610baa565ec99c157277cd810f4e2da66f8dcbf7f6d6022", @generic="f29f45ee1575c7577fbb36ca8a86b9793b984730e2317b6e0219e2b54643e7751b539821b50e088e9f95ab591dc0aa952c95dbd0d39bcbc47f97ec9967ea8772e91146535f138155a5431c21b09031a016065e6f51cc1e699cdd10b1ef4528d7e2e98ceca73950b85fd5e9d4c9cbb967afa10cec14e3b671a0e1155608509fa0fd0a4ed107248de58abedd4eabbaf3b342c62addd2801932de7a16f92738c95784c5ad0fc21dd811c5acac6e48e0886a5ad550b2"]}, 0x508}}, 0x4000040)

11:23:01 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:23:01 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {0x0}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

[ 3270.397545] FAULT_INJECTION: forcing a failure.
[ 3270.397545] name failslab, interval 1, probability 0, space 0, times 0
[ 3270.399982] CPU: 0 PID: 88583 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3270.401483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3270.403276] Call Trace:
[ 3270.403851]  dump_stack+0x107/0x167
[ 3270.404642]  should_fail.cold+0x5/0xa
[ 3270.405479]  ? create_object.isra.0+0x3a/0xa20
[ 3270.406491]  should_failslab+0x5/0x20
[ 3270.407400]  kmem_cache_alloc+0x5b/0x310
[ 3270.408283]  create_object.isra.0+0x3a/0xa20
[ 3270.409299]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3270.410404]  kmem_cache_alloc+0x159/0x310
[ 3270.411309]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3270.412521]  idr_get_free+0x4b5/0x8f0
[ 3270.413364]  idr_alloc_u32+0x170/0x2d0
[ 3270.414214]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3270.415258]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3270.416410]  ? lock_release+0x680/0x680
[ 3270.417178] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=88595 comm=syz-executor.0
[ 3270.417314]  idr_alloc+0xc2/0x130
[ 3270.417331]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3270.417344]  ? rwlock_bug.part.0+0x90/0x90
[ 3270.417374]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3270.417402]  p9_client_rpc+0x220/0x1370
[ 3270.424779]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3270.425970]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3270.427121]  ? pipe_poll+0x21b/0x800
[ 3270.428063]  ? p9_fd_close+0x4a0/0x4a0
[ 3270.428991]  ? wait_for_partner+0x3c0/0x3c0
[ 3270.429932]  ? p9_fd_poll+0x1e0/0x2c0
[ 3270.430765]  ? p9_fd_create+0x357/0x4a0
[ 3270.431623]  ? p9_conn_create+0x510/0x510
[ 3270.432515]  ? p9_client_create+0x798/0x1230
[ 3270.433475]  ? kfree+0xd7/0x340
[ 3270.434188]  ? do_raw_spin_unlock+0x4f/0x220
[ 3270.435146]  p9_client_create+0xa76/0x1230
[ 3270.436071]  ? p9_client_flush+0x430/0x430
[ 3270.436995]  ? trace_hardirqs_on+0x5b/0x180
[ 3270.437926]  ? lockdep_init_map_type+0x2c7/0x780
[ 3270.438951]  ? __raw_spin_lock_init+0x36/0x110
[ 3270.439992]  v9fs_session_init+0x1dd/0x1680
[ 3270.440926]  ? lock_release+0x680/0x680
[ 3270.441827]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3270.442864]  ? v9fs_show_options+0x690/0x690
[ 3270.443821]  ? trace_hardirqs_on+0x5b/0x180
[ 3270.444753]  ? kasan_unpoison_shadow+0x33/0x50
[ 3270.445747]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3270.446840]  v9fs_mount+0x79/0x8f0
[ 3270.447610]  ? v9fs_write_inode+0x60/0x60
[ 3270.448509]  legacy_get_tree+0x105/0x220
[ 3270.449462]  vfs_get_tree+0x8e/0x300
[ 3270.450422]  path_mount+0x1429/0x2120
[ 3270.451273]  ? strncpy_from_user+0x9e/0x470
[ 3270.452198]  ? finish_automount+0xa90/0xa90
[ 3270.453136]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3270.454133]  ? _copy_from_user+0xfb/0x1b0
[ 3270.455034]  __x64_sys_mount+0x282/0x300
[ 3270.455903]  ? copy_mnt_ns+0xa00/0xa00
[ 3270.456744]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3270.457896]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3270.459016]  do_syscall_64+0x33/0x40
[ 3270.459818]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3270.460920] RIP: 0033:0x7f01450cdb19
[ 3270.461727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3270.465707] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3270.467339] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3270.468882] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3270.470433] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3270.471967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3270.473521] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = socket$netlink(0x10, 0x3, 0x0)
fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000180)=0xe8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'syztnl2\x00', &(0x7f00000001c0)={'ip_vti0\x00', <r2=>0x0, 0x40, 0x8000, 0x4, 0x81, {{0x1d, 0x4, 0x0, 0x4, 0x74, 0x64, 0x0, 0x7, 0x29, 0x0, @remote, @private=0xa010101, {[@timestamp={0x44, 0x8, 0xc1, 0x0, 0x6, [0x2]}, @cipso={0x86, 0x1d, 0x1, [{0x2, 0xa, "c388bce998e6dd9b"}, {0x2, 0xd, "97e20bfc4a435b8528a239"}]}, @end, @timestamp_addr={0x44, 0x2c, 0x7, 0x1, 0x3, [{@private=0xa010101, 0x7fff}, {@dev={0xac, 0x14, 0x14, 0x3d}, 0x4}, {@empty, 0x45e}, {@multicast2}, {@dev={0xac, 0x14, 0x14, 0x36}, 0xbb0}]}, @rr={0x7, 0xb, 0x82, [@broadcast, @rand_addr=0x64010100]}]}}}}})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)={@dev, @loopback, <r3=>0x0}, &(0x7f0000000300)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'erspan0\x00', &(0x7f0000000340)={'syztnl0\x00', <r4=>0x0, 0x10, 0x10, 0x8, 0x1, {{0x34, 0x4, 0x0, 0x7, 0xd0, 0x68, 0x0, 0x7, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@rr={0x7, 0x1b, 0x8d, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @dev={0xac, 0x14, 0x14, 0x1b}, @loopback, @broadcast, @private=0xa010100]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x1c, 0xc, 0x1, 0x8, [{@rand_addr=0x64010100, 0x5}, {@multicast1, 0x3ff}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3ff}]}, @noop, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0x4d, 0x1, 0x9, [{@remote, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, {@rand_addr=0x64010102, 0x400}, {@dev={0xac, 0x14, 0x14, 0x10}, 0xff}]}, @timestamp={0x44, 0x1c, 0x72, 0x0, 0x6, [0x2710, 0x5, 0x8001, 0x3, 0x3, 0x2]}, @timestamp={0x44, 0x18, 0x6, 0x0, 0x6, [0x2, 0x3, 0x0, 0x7fffffff, 0x9]}, @lsrr={0x83, 0x7, 0x58, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x1c, 0x5e, 0x1, 0x6, [{@broadcast}, {@local, 0x1}, {@empty, 0x1}]}]}}}}})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={0xc0, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4040800}, 0x20000040)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
close(r5)

[ 3270.552176] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=88787 comm=syz-executor.5
[ 3270.598250] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=88787 comm=syz-executor.5
11:23:01 executing program 4:
r0 = epoll_create1(0x80000)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
finit_module(r1, &(0x7f0000000000)='/dev/vcsa\x00', 0x2)

11:23:01 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x6f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x96150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fgetxattr(r0, &(0x7f0000000000)=@random={'btrfs.', '!\x00'}, &(0x7f0000000080)=""/208, 0xd0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:23:01 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 44)

11:23:01 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x35230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x70150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 4:
epoll_create1(0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x3f, 0x101200)
r1 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x2, 0xd8d83)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x2000201e})
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fcntl$getown(r3, 0x9)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000140)={0x1000001d})

[ 3270.923635] FAULT_INJECTION: forcing a failure.
[ 3270.923635] name failslab, interval 1, probability 0, space 0, times 0
[ 3270.926182] CPU: 1 PID: 89289 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3270.927629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3270.929386] Call Trace:
[ 3270.929947]  dump_stack+0x107/0x167
[ 3270.930718]  should_fail.cold+0x5/0xa
[ 3270.931689]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3270.933117]  should_failslab+0x5/0x20
[ 3270.934000]  kmem_cache_alloc+0x5b/0x310
[ 3270.934868]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3270.936052]  idr_get_free+0x4b5/0x8f0
[ 3270.936869]  idr_alloc_u32+0x170/0x2d0
[ 3270.937702]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3270.938883]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3270.940092]  ? lock_release+0x680/0x680
[ 3270.941158]  idr_alloc+0xc2/0x130
[ 3270.942057]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3270.942913]  ? rwlock_bug.part.0+0x90/0x90
[ 3270.943823]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3270.944926]  p9_client_rpc+0x220/0x1370
[ 3270.945785]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3270.946906]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3270.948041]  ? pipe_poll+0x21b/0x800
[ 3270.948830]  ? p9_fd_close+0x4a0/0x4a0
[ 3270.949706]  ? wait_for_partner+0x3c0/0x3c0
[ 3270.950718]  ? p9_fd_poll+0x1e0/0x2c0
[ 3270.951540]  ? p9_fd_create+0x357/0x4a0
[ 3270.952380]  ? p9_conn_create+0x510/0x510
[ 3270.953446]  ? p9_client_create+0x798/0x1230
[ 3270.954585]  ? kfree+0xd7/0x340
[ 3270.955281]  ? do_raw_spin_unlock+0x4f/0x220
[ 3270.956220]  p9_client_create+0xa76/0x1230
[ 3270.957141]  ? p9_client_flush+0x430/0x430
[ 3270.958055]  ? trace_hardirqs_on+0x5b/0x180
[ 3270.958970]  ? lockdep_init_map_type+0x2c7/0x780
[ 3270.959978]  ? __raw_spin_lock_init+0x36/0x110
[ 3270.960940]  v9fs_session_init+0x1dd/0x1680
[ 3270.961863]  ? lock_release+0x680/0x680
[ 3270.962705]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3270.963730]  ? v9fs_show_options+0x690/0x690
[ 3270.964664]  ? trace_hardirqs_on+0x5b/0x180
[ 3270.965585]  ? kasan_unpoison_shadow+0x33/0x50
[ 3270.966646]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3270.967792]  v9fs_mount+0x79/0x8f0
[ 3270.968546]  ? v9fs_write_inode+0x60/0x60
[ 3270.969433]  legacy_get_tree+0x105/0x220
[ 3270.970297]  vfs_get_tree+0x8e/0x300
[ 3270.971085]  path_mount+0x1429/0x2120
[ 3270.971897]  ? strncpy_from_user+0x9e/0x470
[ 3270.972812]  ? finish_automount+0xa90/0xa90
[ 3270.973732]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3270.974985]  ? _copy_from_user+0xfb/0x1b0
[ 3270.976043]  __x64_sys_mount+0x282/0x300
[ 3270.976905]  ? copy_mnt_ns+0xa00/0xa00
[ 3270.977745]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3270.978859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3270.979956]  do_syscall_64+0x33/0x40
[ 3270.980749]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3270.981843] RIP: 0033:0x7f01450cdb19
[ 3270.982634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3270.986541] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3270.988185] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3270.989869] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3270.991382] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3270.992886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3270.994403] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:01 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x36230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:01 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fcntl$dupfd(r0, 0x0, r1)

11:23:16 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000000)={0x2000})

11:23:16 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 45)

11:23:16 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x97150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:16 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(0xffffffffffffffff, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:23:16 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {0x0}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:23:16 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x71150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:16 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x37230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:16 executing program 5:
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x13, 0xffffffffffffffff, 0x10000000)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(0x0, r2, 0x0, 0xffff8003)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000100000018000000bb16193b7447fe0c024e893cefd3dbcabf106366e11d719b178d42d58e30254333a5361ebdbc57c4c2a53730614d202977a82fd752f63d699c5c736429b317cda66350cc36ae5b8e1ff36fc6ee5181a270c1ef756b2cb33ff44c5e50972158042800"/121, @ANYRES32=<r4=>0xffffffffffffffff, @ANYBLOB="05000000000000002e2f66696c653000"])
r5 = syz_io_uring_setup(0x1c2b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r9, 0x1, 0x3d, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x253, &(0x7f0000000080)={0x0, 0xefcd, 0x10, 0x3, 0x2d2, 0x0, r5}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000240)=<r10=>0x0)
syz_io_uring_submit(r8, r10, &(0x7f0000000280)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd=r4, 0x0, 0x0, 0x0, {0x3210}, 0x1}, 0xb316518)
syz_io_uring_submit(r8, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd=r9, 0xdd, 0x0, 0x4}, 0x3ff)

[ 3286.302749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=89747 comm=syz-executor.0
[ 3286.317694] FAULT_INJECTION: forcing a failure.
[ 3286.317694] name failslab, interval 1, probability 0, space 0, times 0
[ 3286.319493] CPU: 1 PID: 89750 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3286.320593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3286.321928] Call Trace:
[ 3286.322348]  dump_stack+0x107/0x167
[ 3286.322928]  should_fail.cold+0x5/0xa
[ 3286.323540]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3286.324461]  should_failslab+0x5/0x20
[ 3286.325067]  kmem_cache_alloc+0x5b/0x310
[ 3286.325748]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 3286.326639]  idr_get_free+0x4b5/0x8f0
[ 3286.327249]  idr_alloc_u32+0x170/0x2d0
[ 3286.327881]  ? __fprop_inc_percpu_max+0x130/0x130
[ 3286.328660]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 3286.329526]  ? lock_release+0x680/0x680
[ 3286.330172]  idr_alloc+0xc2/0x130
[ 3286.330723]  ? idr_alloc_u32+0x2d0/0x2d0
[ 3286.331372]  ? rwlock_bug.part.0+0x90/0x90
[ 3286.332051]  p9_client_prepare_req.part.0+0x612/0xac0
[ 3286.332884]  p9_client_rpc+0x220/0x1370
[ 3286.333525]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3286.334365]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 3286.335215]  ? pipe_poll+0x21b/0x800
[ 3286.335808]  ? p9_fd_close+0x4a0/0x4a0
[ 3286.336429]  ? wait_for_partner+0x3c0/0x3c0
[ 3286.337114]  ? p9_fd_poll+0x1e0/0x2c0
[ 3286.337738]  ? p9_fd_create+0x357/0x4a0
[ 3286.338370]  ? p9_conn_create+0x510/0x510
[ 3286.339023]  ? p9_client_create+0x798/0x1230
[ 3286.339731]  ? kfree+0xd7/0x340
[ 3286.340255]  ? do_raw_spin_unlock+0x4f/0x220
[ 3286.340970]  p9_client_create+0xa76/0x1230
[ 3286.341662]  ? p9_client_flush+0x430/0x430
[ 3286.342344]  ? trace_hardirqs_on+0x5b/0x180
[ 3286.343026]  ? lockdep_init_map_type+0x2c7/0x780
[ 3286.343791]  ? __raw_spin_lock_init+0x36/0x110
[ 3286.344509]  v9fs_session_init+0x1dd/0x1680
[ 3286.345202]  ? lock_release+0x680/0x680
[ 3286.345842]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3286.346659]  ? v9fs_show_options+0x690/0x690
[ 3286.347376]  ? trace_hardirqs_on+0x5b/0x180
[ 3286.348086]  ? kasan_unpoison_shadow+0x33/0x50
[ 3286.348812]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3286.349628]  v9fs_mount+0x79/0x8f0
[ 3286.350198]  ? v9fs_write_inode+0x60/0x60
[ 3286.350872]  legacy_get_tree+0x105/0x220
[ 3286.351525]  vfs_get_tree+0x8e/0x300
[ 3286.352120]  path_mount+0x1429/0x2120
[ 3286.352733]  ? strncpy_from_user+0x9e/0x470
[ 3286.353438]  ? finish_automount+0xa90/0xa90
[ 3286.354128]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3286.354863]  ? _copy_from_user+0xfb/0x1b0
[ 3286.355526]  __x64_sys_mount+0x282/0x300
[ 3286.356163]  ? copy_mnt_ns+0xa00/0xa00
[ 3286.356791]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3286.357627]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3286.358452]  do_syscall_64+0x33/0x40
[ 3286.359043]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3286.359851] RIP: 0033:0x7f01450cdb19
[ 3286.360448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3286.363370] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3286.364573] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3286.365713] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3286.366846] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3286.367969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3286.369090] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:17 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x38230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:17 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x97ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:17 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff33}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000a0ca43cb9ac1c07f6f9ba1a8049090b4e74dbe52972ab3739b18e9bb498dd30d2eadb7bba1d381e2c8957c5459330a61933e4b625fa0608c941bb2b3f54eb80e829eee4bb3e2f0fae7db0d3cdda98d875739f706dfcec078d698f37b2da27c214d9a5d75595d326306c3bff73c525b2dfd5f6a71d25c6e61c5a4add27f8d0854b4742635028ad8b9f2ddca68d292479fb4571ab96c82019e1d374d8270d273e199244d2a59065b525a3fa1a3ed8bb1e1edc7b730cc0c57ce07d7777628f11c32dfe28cafc3001cb31775bd3f881bb06116022391bf860073cc9d58d649bbde77c4461abddc66d8d5f8aff9c783988934209c0942de3e845aec2d612226b992dd9e4815878968db20a34a24", @ANYRES32, @ANYBLOB="0500000000b700ffea73ebfa525e0d01781ea32d4866746c65"])

11:23:17 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0xb6802, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:23:17 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x72150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:17 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xa0414, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="0001100000", @ANYRES32, @ANYBLOB="050000400f0000002e2f66696c653000"])
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$FITHAW(r1, 0xc0045878)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080)="96d84e66bde51972ed9b72d76648da371d194f0509cea8227d0454fa055b3d7d113a7cad94e5ae74f6a287c3df25593cdd8e1eed16da11edcbb25e96f6e93aa4e7a7176a3910fdd31c3e12c82befc44d3fc998383149a377850f6b93184e16d40c63835afa29807feda1643742add93f79eaf3aed96af0d1306ce9f09970d695634320687a47819caf10894714819dc569be29f2e0650582892a75da674ba76b48953fa076669af0ee49c21066a304fc6961fc47b1407c823f", 0xb9, r0}, 0x68)

11:23:17 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 46)

11:23:17 executing program 4:
r0 = epoll_create1(0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x800, 0x184)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000080))

[ 3286.971068] FAULT_INJECTION: forcing a failure.
[ 3286.971068] name failslab, interval 1, probability 0, space 0, times 0
[ 3286.973746] CPU: 1 PID: 90585 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3286.975297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3286.977165] Call Trace:
[ 3286.977770]  dump_stack+0x107/0x167
[ 3286.978583]  should_fail.cold+0x5/0xa
[ 3286.979434]  ? p9pdu_readf+0xadb/0x1d40
[ 3286.980325]  should_failslab+0x5/0x20
[ 3286.981171]  __kmalloc+0x72/0x390
[ 3286.981959]  p9pdu_readf+0xadb/0x1d40
[ 3286.982813]  ? pipe_poll+0x21b/0x800
[ 3286.983645]  ? p9pdu_writef+0x100/0x100
[ 3286.984534]  ? p9_fd_poll+0x1e0/0x2c0
[ 3286.985398]  ? p9_fd_create+0x357/0x4a0
[ 3286.986285]  ? p9_conn_create+0x510/0x510
[ 3286.987204]  ? p9_client_create+0x798/0x1230
[ 3286.988177]  ? kfree+0xd7/0x340
[ 3286.988909]  ? do_raw_spin_unlock+0x4f/0x220
[ 3286.989901]  p9_client_create+0xaee/0x1230
[ 3286.990858]  ? p9_client_flush+0x430/0x430
[ 3286.991799]  ? trace_hardirqs_on+0x5b/0x180
[ 3286.992827]  ? lockdep_init_map_type+0x2c7/0x780
[ 3286.993897]  ? __raw_spin_lock_init+0x36/0x110
[ 3286.994914]  v9fs_session_init+0x1dd/0x1680
[ 3286.995875]  ? lock_release+0x680/0x680
[ 3286.996782]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3286.997859]  ? v9fs_show_options+0x690/0x690
[ 3286.998835]  ? trace_hardirqs_on+0x5b/0x180
[ 3286.999788]  ? kasan_unpoison_shadow+0x33/0x50
[ 3287.000790]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3287.001917]  v9fs_mount+0x79/0x8f0
[ 3287.002702]  ? v9fs_write_inode+0x60/0x60
[ 3287.003617]  legacy_get_tree+0x105/0x220
[ 3287.004515]  vfs_get_tree+0x8e/0x300
[ 3287.005342]  path_mount+0x1429/0x2120
[ 3287.006189]  ? strncpy_from_user+0x9e/0x470
[ 3287.007136]  ? finish_automount+0xa90/0xa90
[ 3287.008084]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3287.009107]  ? _copy_from_user+0xfb/0x1b0
[ 3287.010045]  __x64_sys_mount+0x282/0x300
[ 3287.010937]  ? copy_mnt_ns+0xa00/0xa00
[ 3287.011793]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3287.012951]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3287.014100]  do_syscall_64+0x33/0x40
[ 3287.014920]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3287.016048] RIP: 0033:0x7f01450cdb19
[ 3287.016878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3287.020924] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3287.022615] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3287.024194] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3287.025776] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3287.027338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3287.028912] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:35 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x39230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:35 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(0xffffffffffffffff, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:23:35 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 47)

11:23:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x50, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2, 0x4000, @fd_index=0x3, 0x3, 0x0, 0x0, 0x2, 0x1, {0x1, r5}}, 0x2)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100040018000000", @ANYRES32, @ANYBLOB="03000001000000e0422f66696c65d03d"])
syz_io_uring_setup(0x43e, &(0x7f0000000140)={0x0, 0xbeba, 0x1, 0x3, 0x19e, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000240))
r7 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000180)=<r8=>0x0)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r7, 0x0)
syz_io_uring_submit(r9, r8, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r10 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r10, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r11, 0x1, 0x3d, &(0x7f0000000140), 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd=r2, 0x3, {0x0, r7}, 0x1, 0xe, 0x0, {0x0, 0x0, r11}}, 0x8001)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r8, &(0x7f0000000280)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd=r0, 0x100000001, {0x0, r10}, 0x9c4a, 0x5, 0x1, {0x0, r12, r0}}, 0x1)

11:23:35 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x98150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:35 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x73150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:35 executing program 4:
ptrace$getregs(0xc, 0xffffffffffffffff, 0x800000000000000, &(0x7f0000000000)=""/49)
r0 = epoll_create1(0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

11:23:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {0x0}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

[ 3304.655107] FAULT_INJECTION: forcing a failure.
[ 3304.655107] name failslab, interval 1, probability 0, space 0, times 0
[ 3304.657988] CPU: 0 PID: 90708 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3304.658124] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=90709 comm=syz-executor.0
[ 3304.659513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3304.659520] Call Trace:
[ 3304.659544]  dump_stack+0x107/0x167
[ 3304.659564]  should_fail.cold+0x5/0xa
[ 3304.659583]  ? create_object.isra.0+0x3a/0xa20
[ 3304.659600]  ? create_object.isra.0+0x3a/0xa20
[ 3304.659620]  should_failslab+0x5/0x20
[ 3304.659640]  kmem_cache_alloc+0x5b/0x310
[ 3304.659663]  create_object.isra.0+0x3a/0xa20
[ 3304.670536]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3304.671665]  __kmalloc+0x16e/0x390
[ 3304.672457]  p9pdu_readf+0xadb/0x1d40
[ 3304.673364]  ? pipe_poll+0x21b/0x800
[ 3304.674206]  ? p9pdu_writef+0x100/0x100
[ 3304.675080]  ? p9_fd_poll+0x1e0/0x2c0
[ 3304.675926]  ? p9_fd_create+0x357/0x4a0
[ 3304.676805]  ? p9_conn_create+0x510/0x510
[ 3304.677725]  ? p9_client_create+0x798/0x1230
[ 3304.678684]  ? kfree+0xd7/0x340
[ 3304.679403]  ? do_raw_spin_unlock+0x4f/0x220
[ 3304.680376]  p9_client_create+0xaee/0x1230
[ 3304.681319]  ? p9_client_flush+0x430/0x430
[ 3304.682275]  ? trace_hardirqs_on+0x5b/0x180
[ 3304.683217]  ? lockdep_init_map_type+0x2c7/0x780
[ 3304.684265]  ? __raw_spin_lock_init+0x36/0x110
[ 3304.685277]  v9fs_session_init+0x1dd/0x1680
[ 3304.686240]  ? lock_release+0x680/0x680
[ 3304.687122]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3304.688182]  ? v9fs_show_options+0x690/0x690
[ 3304.689154]  ? trace_hardirqs_on+0x5b/0x180
[ 3304.690125]  ? kasan_unpoison_shadow+0x33/0x50
[ 3304.691118]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3304.692224]  v9fs_mount+0x79/0x8f0
[ 3304.693039]  ? v9fs_write_inode+0x60/0x60
[ 3304.693965]  legacy_get_tree+0x105/0x220
[ 3304.694862]  vfs_get_tree+0x8e/0x300
[ 3304.695670]  path_mount+0x1429/0x2120
[ 3304.696500]  ? strncpy_from_user+0x9e/0x470
[ 3304.697429]  ? finish_automount+0xa90/0xa90
[ 3304.698377]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3304.699385]  ? _copy_from_user+0xfb/0x1b0
[ 3304.700289]  __x64_sys_mount+0x282/0x300
[ 3304.701180]  ? copy_mnt_ns+0xa00/0xa00
[ 3304.702050]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3304.703189]  do_syscall_64+0x33/0x40
[ 3304.704007]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3304.705130] RIP: 0033:0x7f01450cdb19
[ 3304.705966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3304.710019] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3304.711682] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3304.713241] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3304.714817] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3304.716381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3304.717953] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:35 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x99150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:35 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000001800000052b25f2700241aac509d112a39e4b221ddc4bea11d265fb1a65956a7748f2b3b33e25b86b74f504e2dc596f92793df0b18032a9d9531a1fde57f6aa7acc6c761cba3761aace7389fe6015a0450d53a0663accd4d0d5f322f87b2a3b99a4f7c914cc0d368ff0275242216584f2cf6096d4ec82023318dcf435c2c90f995a56b26f0bd0d7535d581261c2d249f271bc202a28241ae17d17c49b5c65361b426af38c79d803bf08b6db3c56b50424de1bd47e44b0f48a3b0dbaeaa1677b15512cf02a9f4524294669697974e755e5101ff3cffe71224a4932c2db1ff8cb8e6f70d23a9b92a58120197c4e0dd240ff15d1a76ee9ccd84d9f1bf320b874bfd730bec00ce4b2041be87380d1c68d9dbbb330e8641fd76b24778c3953aacbc2aa7b2609ddf8a415e09ee4d2ef83fb9b0b4cfafdc8607cccb1a439e8f", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:23:35 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x74000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:35 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(0xffffffffffffffff, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:23:35 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3a230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:23:49 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9a150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 4:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fgetxattr(r0, &(0x7f0000000000)=@random={'btrfs.', '!\x00'}, &(0x7f0000000080)=""/208, 0xd0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:23:49 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 48)

11:23:49 executing program 5:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x140, 0x0)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="000229bd7000fbdbdf250200000014000100fc01000000000000000000000000000105000500010000000500060008000000140004000600000081000000ffffffff0900000014000100fc0200000000000000000000000000080500050000000000050005000200000010000400d1fcffff0600000073000000140004000dc70000ff070000ffffffff6611b0ff"], 0x94}}, 0x4000000)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000300))
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB="20375eb2562e0174d03ccc80c91448c59a2c281127d67a7d1598b3e410ea4e8d4d4155264914eac8c1d6180c75cb1cd4ca399631923d8a348ac259b48a6fa68d56726a5f114bce3d04cd418c4df88366f249ed1becc595bba92b65c4a439d9c9cdec5f07fb5191bdc284883e0659e152740d66c4017e44e6aa40d642904e9fae57880f1895183f8522a767c3d03149a8a721d8966826019dbea012c96438c36fa4c493fffee014d7982a7f91e44a", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])
syz_mount_image$ext4(&(0x7f0000000700)='ext2\x00', &(0x7f0000000740)='./file0\x00', 0x100000001, 0x6, &(0x7f0000001b40)=[{&(0x7f0000000780)="fdda93afc226d698ea4df4f9dacadd8a2d4b065db729b3ed6f351b8d268c8cf6a927e4e317738c2abd095c1f55d8919e82377400a727b26fdc4b97e31af72289c3b86a39320c15f63a648307a857e738c4c38ef7a4a73999cac98a70275d05773cb30b0ac6f37ca692d899fbd569840b80dc66a3fdcff38bba56d6f893b5a3bdae3e30a551a4df71626c70c60b8efd43c7de68471c9fd4e33f176700c1076f9367c88ff9c60114d9f51cd578d05d243364fef261ab2047945a65b22c631cd2d31a0fa985f66feb3116fdfe2999d707b2a648b09c", 0xd4, 0x1ff}, {&(0x7f0000000880)="5f54740e814750248bd01018a5fe47fd295a4658143bdf655cbff085e9852fc75385ec07cbd3529c1c4eae0227b6a43f4eabbfe6c63fcb7232ca9b2cea4cd50db2630709bf3050916660bc65e5e364fd10c7e91111844a4b5045952f21332c37c72e95321cc62580ad0f47c3c1ea836a2a141ff8638933f65508c61daf665c25007aabf42506adbd91482394163190c310eac581450f4b886a6e898cfee5f8c9deb10fc356dbdbf5cfccb4e03f67dfcdee801c6f0bea36ee7cc50055dbcee6ca4ca20b030ea2844a6e57bfb9c7dfaefa2b3bd816469d669187", 0xd9, 0x2}, {&(0x7f0000000980)="5decb34592ed8335ff7beb1424f7f2ffe4fd903aab1888cb3ba9467a078e0e1145eb000b0216c1238766d88b02674aa397ae108e3c2b759ac4ebbb5354eb26e26e34a5af4a19ced0884bc590677e63fdcd2c0847943ddb4b834531c0662bd202c6902ecb49d2f2e5f3e952aacf32ee67fe38a74900016aad941841b92f9e261503929894a2d732b1b2c6168546a8018f7c673697526f3acc0dd7a095", 0x9c, 0x3}, {&(0x7f0000000a40)="fa8b124c5acdeef21412a84027028aa7f7", 0x11, 0x100000001}, {&(0x7f0000000a80)="a4571c500694ec652827bf14952c92e91e3ad05b7d344737578302a73ea900772382d6ef7844d4d9441d4303720065d8e2773eb28567ce9205472c830721884437060b00a2778b2151635a0e2ddfd1586e5c7121686d8fab36ea53288a3541eb1d8ba8a3a2abce6b50692daaac0cb3ebce999d0e89b3df74493260f76aa6eff3032852122a15d81d35f276ae9de0d729ccbc8307a198a4a1acc5ee171da62a4294e180d0a14618f11a344b36b45c2f", 0xaf, 0xfffffffffffffffd}, {&(0x7f0000000b40)="7ce5b86fcc60ffe3b6c40b4dbb724628905126f67da530e6b7779c50704aeaadd0813d8e70a24c000b75705414686f026aa40b571bbcd9c84ce53fea1b48e4d83956857e24681adc60e8b6f28b0a9366274c1423372ee49d3c14a268e33917a570af737804a9c44dc5155502fff0af500e5dd73012ee016aeafa8eacea0e70a75d0d3a724bca90afcb350877b85d798cd53fc3d874a79c38b9d4fb16f5c523bd9b6dd9cec897badeb651383b23312bc36b872bba20dd6a75a9cbeb7a29bf11b7b9a13fe6f3ab01e782d299e6401a8dc282f894a1b8b7246dcea1fe538dea415c7684c779c3a75c535e3169196fbae72b9225e1c56a0331cb223593c67d60dbf23079e66ff57d2f63bdcda20b960b84398d3d083fd5a5eb024a0068a2fccb01825406eceae139f984d1dd590a8415f934c79f51c5da3633b37e6f733d811db0033f46ef8f9d4d7d40f41fe8067a4a142dab2c3c78677713ea0e4f4fb42b3253946891f9a83c78e7143c6329a5fa7cceb97da361263e1b2f0bf6c6a4d16a368802c0492ae507b384436a866b17aafc08fbbaaa6707603ddea3580c5c0b026055740f931535582c004cdc11f14b1d8ab189e5c22ced63f52aa3fcf12194b95779631bee8ad2f9c9dee2982ba1dbf26d94ebfbd6e44258f311dacaf9104b6ba7e91fc8c92418a9d93f69a5d5acfef6057662add9ded5a6a278b4c2bba38b81dd4992617d780a4fa0451de8aede3768292f46429aa7901b01311b31576bb09549eaf883c09e00aa7c94df0673537acd11a41eb8467c9a87c11022518e6160ac1dba9be18c8d69e28160754760ef44dfc835a11e73922643f97d3cd0b9c9f37fb1c19112639b08d9675ac9af1a9d0a27715ae4e68f87774e6c5f9e8bd8b399f0e5299f3bba31d2c98b1c3a81661bb93ad938f3a6cca045a2e17bd128aa7087608fd442523f298c707a1a3f8b0ffee71696c77cc123b64d633dc93d607f79d58534302238593a31962843efb851f4218469a887c0f21e9cc1fb34c9dd27d88ce96215f2f936482f0ce9a3dd10d370c9a9e434bf5e8ca199bf4511f93ea0eca2c319c211cf87a8a76c61802f05faf6c6bcada0b51a8c3799e8ba15eee8d42807f77ae0e9e782809a3c1de9b3edcb3dabcb220c6cf1186156b8cfea638004c7e1650e6e1aa37fc04042e4156e53bba7d11b93494cc0c252f86d144c83abdb276da5baba661b04e387a4735d3a0a72c55ffe04eb4fcf1ba371adc469a5ca17bd99d628f4afead27968b047f1317ce5e238afe91af03e8d7f0c08fc3f9baaf5a49dd6eadd7839965b3e931f216ff011b0ebd175bd7f6e8eb891038364298edbc3291a6a2a300ebaccf2c64b5105a18a24745154eeadc59a80794dc53439b65d235e580d6b68d0ead8264f463e9f4f483e8389f25ecf9c613ea96deb8cfbe96cde7329fe59445273c2fac5c091ee0a2fec092c75a3a8d4fc740b9d96047c21278fb01d3511bca3a45f3062c69cae1a8aaf1a758b66dbbfccc4d98d4ef8b4adfe16a852b541d53516300b30f8388f382d03bde6dc711bf4825467e2bb98d829f74629ae6426abca39cca198b231353189129096d501fd00c295fe89d58e8f9275235aa9e9fc6f0f6d1c4ded42a470181d918bab7b47acf6676c012ac16943bfde468f566984fb7dccf7628d697186fb993983650b8bfceccbbc9f38105bf129ba04309d9306d0e30a9791f85e4c13432ce6eb9b744e10bf96311b5f25e9dddd5424145a7af32967f66d49056900b59fd2165d379100123571307a07ca176749c0cf9f125e35b00fc5edae23882a180ae854f509f07b1a6709c126378ffdf26e8404713e5c97dc020f2d0b34e086bdce15491419c5bdd1aec240202c968f79d5f317997d8a7e5f1208fbd1c3312b08871ec7c08d87749f61d7aff05042f1773025d0c7d7a9ee41a29c2ac1c863eb9ed220bd03d74f19403801d2b45caea11a0959910a0a76bee97f815dd21b73897b5ad020ef7cb656ee8771c4d41dd8a62574dffef79a1995eb2cb6a7afe54030bdfe67af61229fb645bdcfc56476daec1d622307df3d2071a701cf536112964b6664ee1a023589e2d5eb867b44566203162b01c5bc14902439e238ffe262515766c2c08dd3fe746b32b7e70375454404aaaa436fed4814093aa890afc49a283a0878faaba114d0dea43ec857f13188b1b9f3ce116e5f332089d534fb877188949e7d92f956c62c0a5c7682887ad168193c1af274a221852e8dbc87e890676a36dfc21476a08bdb5a1ac050b169bd502c14756691f0bee6cbc61323d175b0e231fca61c2efc3c7a52c23d17a8c758cce00cc662d0db38e80bbde59732357bf85cbba4b874069570527db5445beb2013273679717873a4bd8b8b04b87cf4cc5668df52789de5d30b35896d811d8a6a7e185ab445905ec6494a807e8a715d17a70f1ea675b39db43f1e726997cedc36a025dddb8748c4ec31f8f24308d46987fbd21c34bc8c71375c3d1aa14f3929a3cc941644094fe33d8270e8ffae4991dfb7ca0044e4c6d5f9d410f606652fe8d4f61a63c27c2b49341ba0c1aed55a4f4f7e9cf5e5dabaade3ad44e01f074f5bad5b6672f3a1a753d1ba567253e3cb8de4d21db80f314fab33229763feed02f05b7ed17f9f91b389fec18c6ae0adfed5f1e86937fcc95b9ae13a0133cfd4490804aed59f81ab8e6c59d35654d16b23dca7de8aae221076eaa1f5baba7f25b85ecc0b7232aebb51f29113d06586b1161f1c4b1caf54403106fa195ced63b3a9cd37becd9804233f748ec24dd8259842e5ed551ceb7a724868ade08a8382513fcd0bb8c11878377fbd1472289df4c769ea50c01c7fadfc76c57a4220806307dcf1422e2047fb32b4268acd4769d048fe1e6ad389937ef46a7282f3c72db8c412bf6bcbd42c234cc304f66a7b12c659c6427e1f5c7e52dc7e60d217f08b472a1ab1b15395c7f6ab96ce3d07e727181ee9b2ac04c128328075a5c83cec0d5a575911d1e87dc8fc7e1e98c03d5c3ff4aeb19c199686497a4b32c859dc65ca32389f305ea2a25d060e38bace02c3d767cb5cba91984d52327a0254986430cdd75ae5f445c01ba4a096b2976fcf83764168b61fc902ea3446255cddceec2e90b5371ad36f49609115e531f0edc5df7010342859af68ba74b5321f7befe0848befce5f9bb2ce62e34d4b4d8150b89d6f1ab486bac6687466d1ed3e152e67f0dde24fb28afe77f695f0266f1b8205cd2439dffca947aa0d73bf99178732c057b5eaeed3689c822d3ed80f5231bccd7446b8292229677bea7ba2d6e9774314dde4a99436fce2a3fd37069ba06b92ca0934931b93a2ac846fc984831cce2b7a22887752488c7e401b06328263b2283825ecbba3e838c89ce9c2acc254176cd13362a42397859233f948c5a69467e3f99d13a08d87efaffb988837c0bb1c6812e2e3deb7270a16f70a40f4d9ced30eefd683b0a3e7cac763792bd6f042e5b9063382644359119e9a828ac6faaf5a9e5a560f3eb40d0bbcd8815c5a7080132aeef8af445a3d2d0885073b20439f794f453556f613aa067a3c7d84f3c335ee770a731d95d31353c6389a232223dfcf29ffcc778ef86fced61a264bd6222c6934dff231d7e2ac336714431296fe0da64a80987c4d2dd4c1beb96ea8b0217700114650f698f8f62ee2299362b22194feea6cb2d1ab127e86bdfe23ab347d601aadb24b6d3c700dd5d0cccb6bfc38aaa79b72e4f2d17570b35f07d399fb9cf4e6a6f066ddb0ce6354049dc90c0e6fc74a82e7e3f9bb6a6515a5eeb24c254406677fd485e53ebb3e394244c28e33ce8ff9244f3afb02c76ad30fd8203dc1697f9610fbfc30da0ab4b9b2442b75aaf48802221645273115e072a724e4fdd5f8c2083704248948dee46bae5e36876a932a4e16eec6607ba115cfc555d839b6229738dd7f120cb0dc08f0c796e11e1aa55aa4befb81b5864bf3dc55b06de0497e01adbb588f82afa9ccde1736ab3b3107121a2e144f0365003c5c9c2188f844b67afc86ce0b884badc9878f209cbbf3fea2c7b8afb56bab1fb3bc96578f654ff136c365db4a94215e9d7cfdb49414d2a399e3207bd6844c38195480de3f8b0413c0dc67f228cee1a4de0d358d46aca84eceb0b41a371e07d2f8cbcfee186be3f8e70a5f5fcc8c8ef26748b9a326b9e7c5af993289091901d15deabdb20d4711509cba7446d7b14d4b54e8142ade52bf251ba7ce36e7b8d4c3427d559c06d838fe0cf5d45678ea4bc89b72a6a16daaa36a60a602d518c516cfcd946646e66d4826af9261f8d2a418a2ab2bc6d096cc1384f6a627b402c3af98a6cf5341c1b80e5c8b14aaf17de5f9df5d9177d83a33dbf8d9a0081268ce36bcb589b7989206acb11b3c0827c4945da32e44e1a35da83be32fc942bc25019bf6b343c40ca4907e28ec1ad22ccd4a3fbf7279f5317ab2882fc05fc23252d88d902c739624ff6a36ff0ccdc213acae66f96c8169c3f0d68912b90a5cff6f76fcb5659cc7a335f7cd1f4edff70511cf17fe01daf46351cb8c78f6d2771131789f0d782447dd4e5a3648e05d4b7df6458a0fa72eb7891e0980bbf7382d5839a927befeb3f0e8c3daefb40cc198351497863817471a1fa91547ff498fdcb7503455b1de416159ee93efa9d2df7b88bb5680550910d829d51a3bd820d4e29bf4d46b8276ba03e70e5736921b06a124e5ddce645258137fb76bac975fae2af019aefbd95205b65bd5102c9d0110a42d9bb0ac1b2864e7ed20fd99d700312bce873f357372f49abadd14cbd31b0d4855c8d5dda3e67bd9a52abf36d9cdaa1553e15395329cc8296312c33089dd7cb752b402825a6f44a94160317249193be2111712afa25508a3f2bb358c040f40d96787ba23c53cf5bd645f28f570e7078fac70bceecabb973284c8a0bcc23b5cadc1a552d63c8976d8dbf121fecf2b01d82201437ea364280cf714231d40985e2b56271a4d05cc344137956c28bd65c0dccf541b6a7f03e736328a8c0d2f0aa8efa844de26bdf997e48712d6599e42046884a1bc28dd3fc6c3e670e76ad893941aba4d4120bf6b8be5e239cd7d513aea3d88dcb9a011e1a7f51a57f06ab98c3304a3db6477974bf8a72406787b8c4404e6bcf2b27f7aaf8faace5b6924496a612afd73a0e2e19e39c43086f099c17943c24b19786e83723abd9a5d391bc2ee789c9339da32f3c413a06496edbc0929e58e1f20ebbe37e326dd3c470ce38d852263a6a675b5dde737ac019bf719bccd51fcfe6923b0d709000161f4de51e18bb9335cf6b07c6143b0c9ac3651cf7d22fd8e009933e302b0209ad84528200a9ded1584d0683cea25cdebfccd9e36d74bf55e9bcc24cfb3a293d8762e628b769d5cc5ed9e6b196c5af84b87fe1704030181b92020e4eb9ee1417433e2491e3afc8e815ec92ccbd00cf74fe1f0f1a36210c1ec536374001f735b73a9bc29828913d21f512063f2b858fbc79e2f9fefb34869eb55d7301655d8ac5195b7f5214d6bbf8ca1127307888a88b880e89641441d4cfd1ed1de22589ca220d288bd83b5c81a67a728e7dcc0dc86ba74060ad17b701969b54135b485f87b6f7575c38bbd1ace122acfcd07e69bcb14fe3ae1e4e3bfb0f1ebe6dce828d181f2891567cb35ca16a7c5d446c69753e2a62c212bb81e8ca10d15af8ce318296d14db7067dbadfad94f43021c8d52475a62fb09b77139467fff2c96800b92f3c8c0a73259a24518245de656efe90ca960f7389f23d3737d2c0836aa8d", 0x1000, 0x1f}], 0x0, &(0x7f0000001c00)={[{@auto_da_alloc}, {@journal_async_commit}, {@data_err_abort}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}], [{@context={'context', 0x3d, 'system_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x9d1813187badd721, 0x31, 0x37, 0x39, 0x3a, 0x63, 0x37], 0x2d, [0x34, 0x65, 0x37, 0x3], 0x2d, [0x65, 0x35, 0x65, 0x33], 0x2d, [0x64, 0x32, 0x65, 0x34], 0x2d, [0x64, 0x64, 0x31, 0x64, 0x35, 0x37, 0x35, 0x62]}}}, {@smackfsroot={'smackfsroot', 0x3d, '\xb1)@-:])}'}}, {@seclabel}, {@smackfshat={'smackfshat', 0x3d, '*)+{*'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]})

11:23:49 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x74150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3b230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(0xffffffffffffffff, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3319.050920] FAULT_INJECTION: forcing a failure.
[ 3319.050920] name failslab, interval 1, probability 0, space 0, times 0
[ 3319.053012] CPU: 0 PID: 91544 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3319.054216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3319.055648] Call Trace:
[ 3319.056165]  dump_stack+0x107/0x167
[ 3319.056799]  should_fail.cold+0x5/0xa
[ 3319.057455]  should_failslab+0x5/0x20
[ 3319.058106]  __kmalloc_track_caller+0x79/0x370
[ 3319.058890]  ? kasprintf+0xbb/0xf0
[ 3319.059494]  ? __delete_object+0xb3/0x100
[ 3319.060203]  kvasprintf+0xb5/0x150
[ 3319.060812]  ? bust_spinlocks+0xe0/0xe0
[ 3319.061497]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.062408]  kasprintf+0xbb/0xf0
[ 3319.062988]  ? kvasprintf_const+0x1a0/0x1a0
[ 3319.063731]  ? kmem_cache_free+0x249/0x2d0
[ 3319.064454]  ? p9_client_create+0xbfa/0x1230
[ 3319.065206]  p9_client_create+0xc1b/0x1230
[ 3319.065934]  ? p9_client_flush+0x430/0x430
[ 3319.066653]  ? trace_hardirqs_on+0x5b/0x180
[ 3319.067430]  ? lockdep_init_map_type+0x2c7/0x780
[ 3319.068236]  ? __raw_spin_lock_init+0x36/0x110
[ 3319.069018]  v9fs_session_init+0x1dd/0x1680
[ 3319.069763]  ? lock_release+0x680/0x680
[ 3319.070447]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3319.070893] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=91543 comm=syz-executor.0
[ 3319.071263]  ? v9fs_show_options+0x690/0x690
[ 3319.071284]  ? trace_hardirqs_on+0x5b/0x180
[ 3319.071297]  ? kasan_unpoison_shadow+0x33/0x50
[ 3319.071310]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3319.071325]  v9fs_mount+0x79/0x8f0
[ 3319.071338]  ? v9fs_write_inode+0x60/0x60
[ 3319.071354]  legacy_get_tree+0x105/0x220
[ 3319.071369]  vfs_get_tree+0x8e/0x300
[ 3319.071409]  path_mount+0x1429/0x2120
[ 3319.071432]  ? strncpy_from_user+0x9e/0x470
[ 3319.071453]  ? finish_automount+0xa90/0xa90
[ 3319.081595]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3319.082388]  ? _copy_from_user+0xfb/0x1b0
[ 3319.083084]  __x64_sys_mount+0x282/0x300
[ 3319.083767]  ? copy_mnt_ns+0xa00/0xa00
[ 3319.084427]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.085315]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3319.086183]  do_syscall_64+0x33/0x40
[ 3319.086802]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3319.087654] RIP: 0033:0x7f01450cdb19
[ 3319.088275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3319.091367] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3319.092621] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3319.093810] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3319.094986] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3319.096193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3319.097355] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:49 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fef000/0x3000)=nil, 0x3000, 0x1000005, 0x100010, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r0, r3, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x8)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x20010, r1, 0x0)
syz_io_uring_complete(r5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:23:49 executing program 4:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
fgetxattr(r0, &(0x7f0000000000)=@random={'btrfs.', '!\x00'}, &(0x7f0000000080)=""/208, 0xd0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:23:49 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 49)

11:23:49 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3c230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x75150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:23:49 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9b150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3319.373617] FAULT_INJECTION: forcing a failure.
[ 3319.373617] name failslab, interval 1, probability 0, space 0, times 0
[ 3319.375619] CPU: 0 PID: 91872 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3319.376561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3319.377679] Call Trace:
[ 3319.378035]  dump_stack+0x107/0x167
[ 3319.378523]  should_fail.cold+0x5/0xa
[ 3319.379034]  ? create_object.isra.0+0x3a/0xa20
[ 3319.379649]  should_failslab+0x5/0x20
[ 3319.380156]  kmem_cache_alloc+0x5b/0x310
[ 3319.380693]  ? vsnprintf+0x4ba/0x1600
[ 3319.381200]  create_object.isra.0+0x3a/0xa20
[ 3319.381789]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3319.382443]  __kmalloc_track_caller+0x177/0x370
[ 3319.383030]  ? kasprintf+0xbb/0xf0
[ 3319.383503]  kvasprintf+0xb5/0x150
[ 3319.383973]  ? bust_spinlocks+0xe0/0xe0
[ 3319.384499]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.385200]  kasprintf+0xbb/0xf0
[ 3319.385664]  ? kvasprintf_const+0x1a0/0x1a0
[ 3319.386238]  ? kmem_cache_free+0x249/0x2d0
[ 3319.386802]  ? p9_client_create+0xbfa/0x1230
[ 3319.387385]  p9_client_create+0xc1b/0x1230
[ 3319.387949]  ? p9_client_flush+0x430/0x430
[ 3319.388508]  ? trace_hardirqs_on+0x5b/0x180
[ 3319.389075]  ? lockdep_init_map_type+0x2c7/0x780
[ 3319.389710]  ? __raw_spin_lock_init+0x36/0x110
[ 3319.390317]  v9fs_session_init+0x1dd/0x1680
[ 3319.390887]  ? lock_release+0x680/0x680
[ 3319.391416]  ? v9fs_show_options+0x690/0x690
[ 3319.391994]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.392684]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3319.393391]  ? trace_hardirqs_on+0x5b/0x180
[ 3319.393965]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3319.394687]  v9fs_mount+0x79/0x8f0
[ 3319.395152]  ? v9fs_write_inode+0x60/0x60
[ 3319.395700]  legacy_get_tree+0x105/0x220
[ 3319.396232]  vfs_get_tree+0x8e/0x300
[ 3319.396721]  path_mount+0x1429/0x2120
[ 3319.397222]  ? strncpy_from_user+0x9e/0x470
[ 3319.397798]  ? finish_automount+0xa90/0xa90
[ 3319.398364]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3319.398975]  ? _copy_from_user+0xfb/0x1b0
[ 3319.399508]  __x64_sys_mount+0x282/0x300
[ 3319.400040]  ? copy_mnt_ns+0xa00/0xa00
[ 3319.400589]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.401275]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3319.401964]  do_syscall_64+0x33/0x40
[ 3319.402451]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3319.403124] RIP: 0033:0x7f01450cdb19
[ 3319.403608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3319.406007] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3319.406994] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3319.407921] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3319.408850] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3319.409787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3319.410723] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:23:50 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="02950000000000002e2f66696c653000"])
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000008, 0x10, 0xffffffffffffffff, 0x8000000)
r3 = syz_io_uring_setup(0x5d79, &(0x7f0000000080)={0x0, 0x4100, 0x8, 0x2, 0xee, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000100)=<r4=>0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r5, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x200000, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r3, 0x0)
syz_io_uring_submit(r2, r4, &(0x7f00000001c0)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0xb7, &(0x7f0000000180)=[r5, r6, r0], 0x3, 0x0, 0x1, {0x0, r7}}, 0x3)

11:23:50 executing program 4:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x5}}, './file0\x00'})
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xd)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)={0x5e, 0xa, 0x0, 0x5, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1]}, 0x58)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r4=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x3, 0x6}, 0x10)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@mcast2, r4}, 0x14)

[ 3319.441725] device syz_tun entered promiscuous mode
[ 3319.453913] device syz_tun left promiscuous mode
[ 3338.230472] FAULT_INJECTION: forcing a failure.
[ 3338.230472] name failslab, interval 1, probability 0, space 0, times 0
[ 3338.232469] CPU: 1 PID: 92196 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3338.233470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3338.234618] Call Trace:
[ 3338.235005]  dump_stack+0x107/0x167
[ 3338.235534]  should_fail.cold+0x5/0xa
[ 3338.236094]  should_failslab+0x5/0x20
[ 3338.236656]  __kmalloc_track_caller+0x79/0x370
[ 3338.237328]  ? kstrdup_const+0x53/0x80
[ 3338.237892]  ? kasprintf+0xbb/0xf0
[ 3338.238426]  kstrdup+0x36/0x70
[ 3338.238891]  kstrdup_const+0x53/0x80
[ 3338.239402]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 3338.240125]  p9_client_create+0xc6a/0x1230
[ 3338.240753]  ? p9_client_flush+0x430/0x430
[ 3338.241370]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.242004]  ? lockdep_init_map_type+0x2c7/0x780
[ 3338.242698]  ? __raw_spin_lock_init+0x36/0x110
[ 3338.243377]  v9fs_session_init+0x1dd/0x1680
[ 3338.243992]  ? lock_release+0x680/0x680
[ 3338.244578]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3338.245269]  ? v9fs_show_options+0x690/0x690
[ 3338.245876]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.246518]  ? kasan_unpoison_shadow+0x33/0x50
[ 3338.247173]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3338.247902]  v9fs_mount+0x79/0x8f0
[ 3338.248416]  ? v9fs_write_inode+0x60/0x60
[ 3338.249015]  legacy_get_tree+0x105/0x220
[ 3338.249604]  vfs_get_tree+0x8e/0x300
[ 3338.250154]  path_mount+0x1429/0x2120
[ 3338.250711]  ? strncpy_from_user+0x9e/0x470
[ 3338.251355]  ? finish_automount+0xa90/0xa90
[ 3338.251938]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3338.252633]  ? _copy_from_user+0xfb/0x1b0
[ 3338.253233]  __x64_sys_mount+0x282/0x300
[ 3338.253817]  ? copy_mnt_ns+0xa00/0xa00
[ 3338.254393]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3338.255158]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3338.255914]  do_syscall_64+0x33/0x40
[ 3338.256448]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3338.257140] RIP: 0033:0x7f01450cdb19
[ 3338.257672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3338.260165] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3338.261254] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3338.262233] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3338.263245] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3338.264258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3338.265269] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3338.266326] kmem_cache_create(9p-fcall-cache-579) failed with error -12
[ 3338.267295] CPU: 1 PID: 92196 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3338.268267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3338.269388] Call Trace:
[ 3338.269762]  dump_stack+0x107/0x167
[ 3338.270269]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 3338.271018]  p9_client_create+0xc6a/0x1230
[ 3338.271591]  ? p9_client_flush+0x430/0x430
[ 3338.272193]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.272772]  ? lockdep_init_map_type+0x2c7/0x780
[ 3338.273442]  ? __raw_spin_lock_init+0x36/0x110
[ 3338.274084]  v9fs_session_init+0x1dd/0x1680
[ 3338.274699]  ? lock_release+0x680/0x680
[ 3338.275236]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3338.275919]  ? v9fs_show_options+0x690/0x690
[ 3338.276512]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.277142]  ? kasan_unpoison_shadow+0x33/0x50
[ 3338.277756]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3338.278483]  v9fs_mount+0x79/0x8f0
[ 3338.278963]  ? v9fs_write_inode+0x60/0x60
[ 3338.279548]  legacy_get_tree+0x105/0x220
[ 3338.280091]  vfs_get_tree+0x8e/0x300
[ 3338.280617]  path_mount+0x1429/0x2120
[ 3338.281125]  ? strncpy_from_user+0x9e/0x470
[ 3338.281731]  ? finish_automount+0xa90/0xa90
[ 3338.282313]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3338.282973]  ? _copy_from_user+0xfb/0x1b0
[ 3338.283529]  __x64_sys_mount+0x282/0x300
[ 3338.284100]  ? copy_mnt_ns+0xa00/0xa00
[ 3338.284620]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3338.285356]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3338.286079]  do_syscall_64+0x33/0x40
[ 3338.286602]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3338.287284] RIP: 0033:0x7f01450cdb19
[ 3338.287807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3338.290260] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3338.291347] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3338.292287] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3338.293293] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3338.294310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3338.295304] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:24:08 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x76150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:08 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bf", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:08 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x20, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0xff8, 0x16fe}, 0x0, 0x0, 0x800200}, 0x0, 0x3, 0xffffffffffffffff, 0x9)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x40010, r0, 0x8000000)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100001d0100000018000066942d6812159200", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:24:08 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3d230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:08 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:08 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:24:08 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 50)

11:24:08 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9c150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3338.314170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=92237 comm=syz-executor.0
11:24:09 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 51)

11:24:09 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:24:09 executing program 5:
syz_io_uring_setup(0x29a5, &(0x7f0000000080)={0x0, 0xebf, 0x8, 0x3, 0x165}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000100)=<r0=>0x0)
syz_io_uring_submit(0x0, r0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 3338.512015] FAULT_INJECTION: forcing a failure.
[ 3338.512015] name failslab, interval 1, probability 0, space 0, times 0
[ 3338.515001] CPU: 0 PID: 92514 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3338.516461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3338.518230] Call Trace:
[ 3338.518841]  dump_stack+0x107/0x167
[ 3338.519618]  should_fail.cold+0x5/0xa
[ 3338.520420]  ? create_object.isra.0+0x3a/0xa20
[ 3338.521359]  should_failslab+0x5/0x20
[ 3338.522275]  kmem_cache_alloc+0x5b/0x310
[ 3338.523300]  ? lock_acquire+0x197/0x470
[ 3338.524245]  create_object.isra.0+0x3a/0xa20
[ 3338.525220]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3338.526318]  __kmalloc_track_caller+0x177/0x370
[ 3338.527302]  ? kstrdup_const+0x53/0x80
[ 3338.528159]  ? kasprintf+0xbb/0xf0
[ 3338.528982]  kstrdup+0x36/0x70
[ 3338.529722]  kstrdup_const+0x53/0x80
[ 3338.530595]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 3338.531708]  p9_client_create+0xc6a/0x1230
[ 3338.532622]  ? p9_client_flush+0x430/0x430
[ 3338.533523]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.534449]  ? lockdep_init_map_type+0x2c7/0x780
[ 3338.535403]  ? __raw_spin_lock_init+0x36/0x110
[ 3338.536321]  v9fs_session_init+0x1dd/0x1680
[ 3338.537210]  ? lock_release+0x680/0x680
[ 3338.538068]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3338.539078]  ? v9fs_show_options+0x690/0x690
11:24:09 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9d150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3338.540022]  ? trace_hardirqs_on+0x5b/0x180
[ 3338.541090]  ? kasan_unpoison_shadow+0x33/0x50
[ 3338.542063]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3338.543133]  v9fs_mount+0x79/0x8f0
[ 3338.543881]  ? v9fs_write_inode+0x60/0x60
[ 3338.544752]  legacy_get_tree+0x105/0x220
[ 3338.545606]  vfs_get_tree+0x8e/0x300
[ 3338.546386]  path_mount+0x1429/0x2120
[ 3338.547196]  ? strncpy_from_user+0x9e/0x470
[ 3338.548156]  ? finish_automount+0xa90/0xa90
[ 3338.549071]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3338.550051]  ? _copy_from_user+0xfb/0x1b0
[ 3338.550928]  __x64_sys_mount+0x282/0x300
[ 3338.551783]  ? copy_mnt_ns+0xa00/0xa00
[ 3338.552606]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3338.553708]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3338.554805]  do_syscall_64+0x33/0x40
[ 3338.555591]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3338.556683] RIP: 0033:0x7f01450cdb19
[ 3338.557468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3338.561364] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3338.562983] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3338.564478] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3338.565980] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3338.567484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3338.568985] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:24:09 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x77150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:09 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3e230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 52)

11:24:26 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9e150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x3)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:24:26 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:26 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3f000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x78150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 4:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="02950000000000002e2f66696c653000"])
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000008, 0x10, 0xffffffffffffffff, 0x8000000)
r3 = syz_io_uring_setup(0x5d79, &(0x7f0000000080)={0x0, 0x4100, 0x8, 0x2, 0xee, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000100)=<r4=>0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r5, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x200000, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r3, 0x0)
syz_io_uring_submit(r2, r4, &(0x7f00000001c0)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0xb7, &(0x7f0000000180)=[r5, r6, r0], 0x3, 0x0, 0x1, {0x0, r7}}, 0x3)

11:24:26 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
dup2(r0, r1)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 3355.594697] FAULT_INJECTION: forcing a failure.
[ 3355.594697] name failslab, interval 1, probability 0, space 0, times 0
[ 3355.596284] CPU: 0 PID: 92943 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3355.597185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3355.598277] Call Trace:
[ 3355.598637]  dump_stack+0x107/0x167
[ 3355.599115]  should_fail.cold+0x5/0xa
[ 3355.599618]  ? create_object.isra.0+0x3a/0xa20
[ 3355.600218]  should_failslab+0x5/0x20
[ 3355.600721]  kmem_cache_alloc+0x5b/0x310
[ 3355.601249]  create_object.isra.0+0x3a/0xa20
[ 3355.601825]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3355.602504]  kmem_cache_alloc+0x159/0x310
[ 3355.603070]  kmem_cache_create_usercopy+0x190/0x2f0
[ 3355.603738]  p9_client_create+0xc6a/0x1230
[ 3355.604305]  ? p9_client_flush+0x430/0x430
[ 3355.604865]  ? trace_hardirqs_on+0x5b/0x180
[ 3355.605432]  ? lockdep_init_map_type+0x2c7/0x780
[ 3355.606068]  ? __raw_spin_lock_init+0x36/0x110
[ 3355.606682]  v9fs_session_init+0x1dd/0x1680
[ 3355.607242]  ? lock_release+0x680/0x680
[ 3355.607774]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3355.608405]  ? v9fs_show_options+0x690/0x690
[ 3355.608987]  ? trace_hardirqs_on+0x5b/0x180
[ 3355.609552]  ? kasan_unpoison_shadow+0x33/0x50
[ 3355.610137]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3355.610800]  v9fs_mount+0x79/0x8f0
[ 3355.611264]  ? v9fs_write_inode+0x60/0x60
[ 3355.611806]  legacy_get_tree+0x105/0x220
[ 3355.612352]  vfs_get_tree+0x8e/0x300
[ 3355.612891]  path_mount+0x1429/0x2120
[ 3355.613393]  ? strncpy_from_user+0x9e/0x470
[ 3355.613954]  ? finish_automount+0xa90/0xa90
[ 3355.614521]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3355.615130]  ? _copy_from_user+0xfb/0x1b0
[ 3355.615677]  __x64_sys_mount+0x282/0x300
[ 3355.616196]  ? copy_mnt_ns+0xa00/0xa00
[ 3355.616715]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3355.617384]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3355.618054]  do_syscall_64+0x33/0x40
[ 3355.618547]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3355.619213] RIP: 0033:0x7f01450cdb19
[ 3355.619696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3355.622081] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3355.623082] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3355.624013] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3355.624929] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3355.625856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3355.626786] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3355.691407] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=92940 comm=syz-executor.0
11:24:26 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:26 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x79150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file0\x00'})
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xd, 0x13, r0, 0x10000000)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x4, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, r2, &(0x7f0000000000)=0x80, &(0x7f0000000080)=@ieee802154, 0x0, 0x80800, 0x3, {0x0, r6}}, 0x2)

11:24:26 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x3f230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x9f150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:26 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = getpgrp(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0xa260, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, r0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:24:26 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7a000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:45 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

[ 3374.648099] FAULT_INJECTION: forcing a failure.
[ 3374.648099] name failslab, interval 1, probability 0, space 0, times 0
[ 3374.650500] CPU: 1 PID: 93793 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3374.651917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3374.653621] Call Trace:
[ 3374.654168]  dump_stack+0x107/0x167
[ 3374.654930]  should_fail.cold+0x5/0xa
[ 3374.655718]  ? __kmem_cache_create+0x10e/0x520
[ 3374.656660]  should_failslab+0x5/0x20
[ 3374.657440]  kmem_cache_alloc_node+0x55/0x330
[ 3374.658371]  __kmem_cache_create+0x10e/0x520
[ 3374.659294]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3374.660328]  p9_client_create+0xc6a/0x1230
[ 3374.661210]  ? p9_client_flush+0x430/0x430
[ 3374.662085]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.662989]  ? lockdep_init_map_type+0x2c7/0x780
[ 3374.663963]  ? __raw_spin_lock_init+0x36/0x110
[ 3374.664913]  v9fs_session_init+0x1dd/0x1680
[ 3374.665802]  ? lock_release+0x680/0x680
[ 3374.666631]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3374.667613]  ? v9fs_show_options+0x690/0x690
[ 3374.668526]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.669410]  ? kasan_unpoison_shadow+0x33/0x50
[ 3374.670340]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3374.671390]  v9fs_mount+0x79/0x8f0
[ 3374.672343]  ? v9fs_write_inode+0x60/0x60
[ 3374.673381]  legacy_get_tree+0x105/0x220
[ 3374.674219]  vfs_get_tree+0x8e/0x300
[ 3374.675048]  path_mount+0x1429/0x2120
[ 3374.675837]  ? strncpy_from_user+0x9e/0x470
[ 3374.676713]  ? finish_automount+0xa90/0xa90
[ 3374.677596]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3374.678546]  ? _copy_from_user+0xfb/0x1b0
[ 3374.679395]  __x64_sys_mount+0x282/0x300
[ 3374.680211]  ? copy_mnt_ns+0xa00/0xa00
[ 3374.680999]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3374.682192]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3374.683283]  do_syscall_64+0x33/0x40
[ 3374.684067]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3374.685141] RIP: 0033:0x7f01450cdb19
[ 3374.685933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3374.690120] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3374.691803] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
11:24:45 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:45 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x410, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cachetag}, {@cache_fscache}, {@noextend}, {@mmap}, {@access_any}, {@mmap}, {@posixacl}], [{@subj_user={'subj_user', 0x3d, '\x00'}}, {@measure}, {@obj_type={'obj_type', 0x3d, '\x00'}}, {@obj_type={'obj_type', 0x3d, '('}}, {@subj_type={'subj_type', 0x3d, '\x00'}}, {@subj_type={'subj_type', 0x3d, '\x00'}}, {@appraise}]}})
[ 3374.693516] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
r4 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0)
syz_io_uring_submit(r7, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r8, 0x1, 0x3d, &(0x7f0000000140), 0x8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in=@broadcast, @in6=@initdev}}, {{@in=@multicast1}, 0x0, @in6=@private1}}, &(0x7f00000001c0)=0xe8)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r6, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x6, 0x0, r8, 0x0, 0xfffffffffffffffe, 0x0, 0x20000080, 0x0, {0x0, r9}}, 0x9c9d)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:24:45 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa0150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:45 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 53)

11:24:45 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x40000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:45 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:45 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7a150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3374.695161] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3374.697303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3374.699198] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3374.702462] kmem_cache_create(9p-fcall-cache-582) failed with error -22
[ 3374.704148] CPU: 1 PID: 93793 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3374.705688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3374.707653] Call Trace:
[ 3374.708298]  dump_stack+0x107/0x167
[ 3374.709120]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 3374.710311]  p9_client_create+0xc6a/0x1230
[ 3374.711414]  ? p9_client_flush+0x430/0x430
[ 3374.712502]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.713630]  ? lockdep_init_map_type+0x2c7/0x780
[ 3374.714875]  ? __raw_spin_lock_init+0x36/0x110
[ 3374.715980]  v9fs_session_init+0x1dd/0x1680
[ 3374.716866]  ? lock_release+0x680/0x680
[ 3374.717878]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3374.719111]  ? v9fs_show_options+0x690/0x690
[ 3374.720171]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.721204]  ? kasan_unpoison_shadow+0x33/0x50
[ 3374.722266]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3374.723482]  v9fs_mount+0x79/0x8f0
[ 3374.724425]  ? v9fs_write_inode+0x60/0x60
[ 3374.725430]  legacy_get_tree+0x105/0x220
[ 3374.726396]  vfs_get_tree+0x8e/0x300
[ 3374.727317]  path_mount+0x1429/0x2120
[ 3374.728224]  ? strncpy_from_user+0x9e/0x470
[ 3374.729265]  ? finish_automount+0xa90/0xa90
[ 3374.730292]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3374.731472]  ? _copy_from_user+0xfb/0x1b0
[ 3374.732469]  __x64_sys_mount+0x282/0x300
[ 3374.733485]  ? copy_mnt_ns+0xa00/0xa00
[ 3374.734444]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3374.735733]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3374.737058]  do_syscall_64+0x33/0x40
[ 3374.738006]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3374.739298] RIP: 0033:0x7f01450cdb19
[ 3374.740247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3374.744895] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3374.746860] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3374.748669] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3374.750459] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3374.752266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3374.754055] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:24:45 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

[ 3374.918652] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=93914 comm=syz-executor.0
11:24:45 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x40230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:45 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa1150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:45 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 54)

11:24:45 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x101, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x4, 0x978a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
munmap(&(0x7f0000fef000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:24:45 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x7b150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3375.293140] FAULT_INJECTION: forcing a failure.
[ 3375.293140] name failslab, interval 1, probability 0, space 0, times 0
[ 3375.296008] CPU: 1 PID: 94331 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3375.297687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3375.299672] Call Trace:
[ 3375.300306]  dump_stack+0x107/0x167
[ 3375.301166]  should_fail.cold+0x5/0xa
[ 3375.302064]  ? create_object.isra.0+0x3a/0xa20
[ 3375.303170]  should_failslab+0x5/0x20
[ 3375.304078]  kmem_cache_alloc+0x5b/0x310
[ 3375.305035]  create_object.isra.0+0x3a/0xa20
[ 3375.306086]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3375.307284]  kmem_cache_alloc_node+0x169/0x330
[ 3375.308364]  __kmem_cache_create+0x10e/0x520
[ 3375.309408]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3375.310600]  p9_client_create+0xc6a/0x1230
[ 3375.311596]  ? p9_client_flush+0x430/0x430
[ 3375.312625]  ? trace_hardirqs_on+0x5b/0x180
[ 3375.313654]  ? lockdep_init_map_type+0x2c7/0x780
[ 3375.314762]  ? __raw_spin_lock_init+0x36/0x110
[ 3375.315877]  v9fs_session_init+0x1dd/0x1680
[ 3375.316944]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3375.318106]  ? v9fs_show_options+0x690/0x690
[ 3375.319206]  ? trace_hardirqs_on+0x5b/0x180
[ 3375.320204]  ? kasan_unpoison_shadow+0x33/0x50
[ 3375.321277]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3375.322523]  v9fs_mount+0x79/0x8f0
[ 3375.323333]  ? v9fs_write_inode+0x60/0x60
[ 3375.324336]  legacy_get_tree+0x105/0x220
[ 3375.325246]  vfs_get_tree+0x8e/0x300
[ 3375.326027]  path_mount+0x1429/0x2120
[ 3375.326819]  ? strncpy_from_user+0x9e/0x470
[ 3375.327689]  ? finish_automount+0xa90/0xa90
[ 3375.328637]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3375.329573]  ? _copy_from_user+0xfb/0x1b0
[ 3375.330420]  __x64_sys_mount+0x282/0x300
[ 3375.331301]  ? copy_mnt_ns+0xa00/0xa00
[ 3375.332092]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3375.333151]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3375.334222]  do_syscall_64+0x33/0x40
[ 3375.335053]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3375.336133] RIP: 0033:0x7f01450cdb19
[ 3375.336925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3375.340918] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3375.342399] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3375.343826] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3375.345227] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3375.346655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3375.348174] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:24:46 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:24:46 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x41230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:24:46 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="01bd31a15a0000ed92002000", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:24:46 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x42230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 55)

11:24:46 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3375.740758] FAULT_INJECTION: forcing a failure.
[ 3375.740758] name failslab, interval 1, probability 0, space 0, times 0
[ 3375.742656] CPU: 1 PID: 94672 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3375.743866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3375.745148] Call Trace:
[ 3375.745564]  dump_stack+0x107/0x167
[ 3375.746139]  should_fail.cold+0x5/0xa
[ 3375.746747]  ? create_object.isra.0+0x3a/0xa20
[ 3375.747465]  should_failslab+0x5/0x20
[ 3375.748050]  kmem_cache_alloc+0x5b/0x310
[ 3375.748686]  create_object.isra.0+0x3a/0xa20
[ 3375.749391]  kmemleak_alloc_percpu+0xa0/0x100
[ 3375.750102]  pcpu_alloc+0x4e2/0x1240
[ 3375.750703]  __kmem_cache_create+0x35a/0x520
[ 3375.751401]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3375.752196]  p9_client_create+0xc6a/0x1230
[ 3375.752872]  ? p9_client_flush+0x430/0x430
[ 3375.753533]  ? trace_hardirqs_on+0x5b/0x180
[ 3375.754219]  ? lockdep_init_map_type+0x2c7/0x780
[ 3375.754978]  ? __raw_spin_lock_init+0x36/0x110
[ 3375.755691]  v9fs_session_init+0x1dd/0x1680
[ 3375.756391]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3375.757152]  ? v9fs_show_options+0x690/0x690
[ 3375.757843]  ? trace_hardirqs_on+0x5b/0x180
[ 3375.758535]  ? kasan_unpoison_shadow+0x33/0x50
[ 3375.759245]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3375.760044]  v9fs_mount+0x79/0x8f0
[ 3375.760590]  ? v9fs_write_inode+0x60/0x60
[ 3375.761248]  legacy_get_tree+0x105/0x220
[ 3375.761873]  vfs_get_tree+0x8e/0x300
[ 3375.762461]  path_mount+0x1429/0x2120
[ 3375.763085]  ? strncpy_from_user+0x9e/0x470
[ 3375.763805]  ? finish_automount+0xa90/0xa90
11:24:46 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x84400000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa2150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3375.764484]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3375.765446]  ? _copy_from_user+0xfb/0x1b0
[ 3375.766126]  __x64_sys_mount+0x282/0x300
[ 3375.766746]  ? copy_mnt_ns+0xa00/0xa00
[ 3375.767369]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3375.768159]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3375.768953]  do_syscall_64+0x33/0x40
[ 3375.769531]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3375.770302] RIP: 0033:0x7f01450cdb19
[ 3375.770884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3375.773684] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3375.774842] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3375.775940] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3375.777039] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3375.778153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3375.779252] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3375.843740] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=94698 comm=syz-executor.0
11:24:46 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/consoles\x00', 0x0, 0x0)
mbind(&(0x7f0000fef000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000140), 0xffffffffffffff00, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x8, 0x6, 0x2, 0x0, 0x0, 0x80000000, 0x410, 0x9, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x6921, 0x92ba, 0x3, 0x0, 0x2, 0x7, 0x2, 0x0, 0x80, 0x0, 0x227}, 0x0, 0xffffffffffffffff, r0, 0x2)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:24:46 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x43230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000008, 0x4000010, r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x5}}, './file0\x00'})
r3 = dup2(r2, r1)
io_uring_enter(r3, 0x4061, 0xc26b, 0x3, &(0x7f0000000080)={[0x3]}, 0x8)

11:24:46 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x97ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:24:46 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa3150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:02 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 56)

11:25:02 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:02 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:25:02 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:02 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
mlock2(&(0x7f0000fef000/0x3000)=nil, 0x3000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:25:02 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa4150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:02 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x44230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:02 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3392.185697] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=95490 comm=syz-executor.0
[ 3392.213842] FAULT_INJECTION: forcing a failure.
[ 3392.213842] name failslab, interval 1, probability 0, space 0, times 0
[ 3392.216738] CPU: 0 PID: 95495 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3392.218463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3392.220601] Call Trace:
[ 3392.221214]  dump_stack+0x107/0x167
[ 3392.222055]  should_fail.cold+0x5/0xa
[ 3392.222933]  ? create_object.isra.0+0x3a/0xa20
[ 3392.223992]  should_failslab+0x5/0x20
[ 3392.224868]  kmem_cache_alloc+0x5b/0x310
[ 3392.225954]  ? mark_held_locks+0x9e/0xe0
[ 3392.227082]  create_object.isra.0+0x3a/0xa20
[ 3392.228299]  kmemleak_alloc_percpu+0xa0/0x100
[ 3392.229557]  pcpu_alloc+0x4e2/0x1240
[ 3392.230631]  __kmem_cache_create+0x35a/0x520
[ 3392.231792]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3392.233011]  p9_client_create+0xc6a/0x1230
[ 3392.234050]  ? p9_client_flush+0x430/0x430
[ 3392.235132]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.236210]  ? lockdep_init_map_type+0x2c7/0x780
[ 3392.237382]  ? __raw_spin_lock_init+0x36/0x110
[ 3392.238457]  v9fs_session_init+0x1dd/0x1680
[ 3392.239534]  ? lock_release+0x680/0x680
[ 3392.240512]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3392.241840]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.242898]  ? v9fs_show_options+0x690/0x690
[ 3392.244056]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 3392.245395]  ? kasan_unpoison_shadow+0x33/0x50
[ 3392.246781]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3392.248082]  v9fs_mount+0x79/0x8f0
[ 3392.248966]  ? v9fs_write_inode+0x60/0x60
[ 3392.249986]  legacy_get_tree+0x105/0x220
[ 3392.251018]  vfs_get_tree+0x8e/0x300
[ 3392.251889]  path_mount+0x1429/0x2120
[ 3392.252866]  ? strncpy_from_user+0x9e/0x470
[ 3392.254078]  ? finish_automount+0xa90/0xa90
[ 3392.255283]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3392.256572]  ? _copy_from_user+0xfb/0x1b0
[ 3392.257737]  __x64_sys_mount+0x282/0x300
[ 3392.258881]  ? copy_mnt_ns+0xa00/0xa00
[ 3392.260160]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3392.261308]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3392.262781]  do_syscall_64+0x33/0x40
[ 3392.263820]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3392.265238] RIP: 0033:0x7f01450cdb19
[ 3392.266272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3392.271277] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3392.273406] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3392.275422] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3392.277371] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3392.279433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3392.281452] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:25:03 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = gettid()
tgkill(r0, r0, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000000)='stack\x00')
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x29, 0x400, 0x70bd29, 0x25dfdbfb, {0x1c}, [@typed={0x8, 0x45, 0x0, 0x0, @pid=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4040000)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="f8384e5af43a34e095808d1b3632d790cce19c43a0fca13474712653c76366", @ANYRES32=r0, @ANYRESDEC=r0])

11:25:03 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xd9aeb967, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:03 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x45230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:03 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa5150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:03 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x50, 0xf7, 0x0, 0x0, 0x76, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7ff2607c, 0x4, @perf_config_ext={0x0, 0xa68}, 0x2488, 0x80000000, 0x17, 0x5, 0x100000001, 0x4, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x0, 0xc, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:25:03 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 57)

[ 3392.709619] FAULT_INJECTION: forcing a failure.
[ 3392.709619] name failslab, interval 1, probability 0, space 0, times 0
[ 3392.712495] CPU: 1 PID: 96096 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3392.713670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3392.715068] Call Trace:
[ 3392.715510]  dump_stack+0x107/0x167
[ 3392.716126]  should_fail.cold+0x5/0xa
[ 3392.716820]  should_failslab+0x5/0x20
[ 3392.717463]  __kmalloc_track_caller+0x79/0x370
[ 3392.718229]  ? kstrdup_const+0x53/0x80
[ 3392.718892]  kstrdup+0x36/0x70
[ 3392.719442]  kstrdup_const+0x53/0x80
[ 3392.720076]  kvasprintf_const+0x10c/0x1a0
[ 3392.720771]  kobject_set_name_vargs+0x56/0x150
[ 3392.721532]  kobject_init_and_add+0xc9/0x160
[ 3392.722410]  ? kobject_create_and_add+0xb0/0xb0
[ 3392.723232]  ? wait_for_completion_io+0x270/0x270
[ 3392.724071]  ? kernfs_name_hash+0xe7/0x110
[ 3392.724806]  ? kernfs_find_ns+0x256/0x380
[ 3392.725531]  sysfs_slab_add+0x172/0x200
[ 3392.726216]  __kmem_cache_create+0x3db/0x520
[ 3392.726976]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3392.727845]  p9_client_create+0xc6a/0x1230
[ 3392.728582]  ? p9_client_flush+0x430/0x430
[ 3392.729343]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.730087]  ? lockdep_init_map_type+0x2c7/0x780
[ 3392.730914]  ? __raw_spin_lock_init+0x36/0x110
[ 3392.731700]  v9fs_session_init+0x1dd/0x1680
[ 3392.732446]  ? lock_release+0x680/0x680
[ 3392.733140]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3392.733972]  ? v9fs_show_options+0x690/0x690
[ 3392.734744]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.735476]  ? kasan_unpoison_shadow+0x33/0x50
[ 3392.736269]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3392.737139]  v9fs_mount+0x79/0x8f0
[ 3392.737755]  ? v9fs_write_inode+0x60/0x60
[ 3392.738482]  legacy_get_tree+0x105/0x220
[ 3392.739190]  vfs_get_tree+0x8e/0x300
[ 3392.739823]  path_mount+0x1429/0x2120
[ 3392.740491]  ? strncpy_from_user+0x9e/0x470
[ 3392.741207]  ? finish_automount+0xa90/0xa90
[ 3392.741919]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3392.742718]  ? _copy_from_user+0xfb/0x1b0
[ 3392.743409]  __x64_sys_mount+0x282/0x300
[ 3392.744112]  ? copy_mnt_ns+0xa00/0xa00
[ 3392.744765]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3392.745660]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3392.746515]  do_syscall_64+0x33/0x40
[ 3392.747161]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3392.748017] RIP: 0033:0x7f01450cdb19
[ 3392.748652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3392.751738] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3392.753045] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3392.754269] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3392.755507] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3392.756736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3392.757949] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3392.759556] kobject: can not set name properly!
[ 3392.760464] kmem_cache_create(9p-fcall-cache-586) failed with error -12
[ 3392.761638] CPU: 1 PID: 96096 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3392.762811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3392.764215] Call Trace:
[ 3392.764658]  dump_stack+0x107/0x167
[ 3392.765286]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 3392.766172]  p9_client_create+0xc6a/0x1230
[ 3392.766904]  ? p9_client_flush+0x430/0x430
[ 3392.767626]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.768354]  ? lockdep_init_map_type+0x2c7/0x780
[ 3392.769095]  ? __raw_spin_lock_init+0x36/0x110
[ 3392.769872]  v9fs_session_init+0x1dd/0x1680
[ 3392.770587]  ? lock_release+0x680/0x680
[ 3392.771274]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3392.772040]  ? v9fs_show_options+0x690/0x690
[ 3392.772796]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.773466]  ? kasan_unpoison_shadow+0x33/0x50
[ 3392.774259]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3392.775057]  v9fs_mount+0x79/0x8f0
[ 3392.775654]  ? v9fs_write_inode+0x60/0x60
[ 3392.776295]  legacy_get_tree+0x105/0x220
[ 3392.776984]  vfs_get_tree+0x8e/0x300
[ 3392.777564]  path_mount+0x1429/0x2120
[ 3392.778202]  ? strncpy_from_user+0x9e/0x470
[ 3392.778879]  ? finish_automount+0xa90/0xa90
[ 3392.779607]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3392.780330]  ? _copy_from_user+0xfb/0x1b0
[ 3392.781036]  __x64_sys_mount+0x282/0x300
[ 3392.781668]  ? copy_mnt_ns+0xa00/0xa00
[ 3392.782325]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3392.783211]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3392.784077]  do_syscall_64+0x33/0x40
[ 3392.784701]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3392.785551] RIP: 0033:0x7f01450cdb19
[ 3392.786168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3392.789252] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3392.790517] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3392.791704] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3392.792882] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3392.794069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3392.795260] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:25:18 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:18 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="05000000000000002e2f66036c653000f74f8044eb8d34d728ca37c754ab8df70663f01744b711fa621f9b8bebf5f4c48a8890a50406521b09c8472ad0da9706d73edec4b92f000000000000"])
r0 = pkey_alloc(0x0, 0x0)
pkey_mprotect(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x2000006, r0)

11:25:18 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:18 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:25:18 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xe4ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:18 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x46230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:18 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 58)

11:25:18 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa6150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3408.000655] FAULT_INJECTION: forcing a failure.
[ 3408.000655] name failslab, interval 1, probability 0, space 0, times 0
[ 3408.003289] CPU: 1 PID: 96243 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3408.004783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3408.006655] Call Trace:
[ 3408.007261]  dump_stack+0x107/0x167
[ 3408.008076]  should_fail.cold+0x5/0xa
[ 3408.008932]  ? create_object.isra.0+0x3a/0xa20
[ 3408.009963]  should_failslab+0x5/0x20
[ 3408.010858]  kmem_cache_alloc+0x5b/0x310
[ 3408.011880]  ? lock_release+0x680/0x680
[ 3408.013002]  create_object.isra.0+0x3a/0xa20
[ 3408.014248]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3408.015757]  __kmalloc_track_caller+0x177/0x370
[ 3408.017173]  ? kstrdup_const+0x53/0x80
[ 3408.018336]  kstrdup+0x36/0x70
[ 3408.019260]  kstrdup_const+0x53/0x80
[ 3408.020299]  kvasprintf_const+0x10c/0x1a0
[ 3408.021491]  kobject_set_name_vargs+0x56/0x150
[ 3408.022996]  kobject_init_and_add+0xc9/0x160
[ 3408.024231]  ? kobject_create_and_add+0xb0/0xb0
[ 3408.025511]  ? wait_for_completion_io+0x270/0x270
[ 3408.026037] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=96240 comm=syz-executor.0
[ 3408.026796]  ? kernfs_name_hash+0xe7/0x110
[ 3408.026829]  ? kernfs_find_ns+0x256/0x380
[ 3408.026867]  sysfs_slab_add+0x172/0x200
[ 3408.026922]  __kmem_cache_create+0x3db/0x520
[ 3408.033099]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3408.034267]  p9_client_create+0xc6a/0x1230
[ 3408.035411]  ? p9_client_flush+0x430/0x430
[ 3408.036522]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.037678]  ? lockdep_init_map_type+0x2c7/0x780
[ 3408.039041]  ? __raw_spin_lock_init+0x36/0x110
[ 3408.040268]  v9fs_session_init+0x1dd/0x1680
[ 3408.041415]  ? lock_release+0x680/0x680
[ 3408.042483]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3408.043781]  ? v9fs_show_options+0x690/0x690
[ 3408.044962]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.046110]  ? kasan_unpoison_shadow+0x33/0x50
[ 3408.047325]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3408.048667]  v9fs_mount+0x79/0x8f0
[ 3408.049631]  ? v9fs_write_inode+0x60/0x60
[ 3408.050747]  legacy_get_tree+0x105/0x220
[ 3408.051853]  vfs_get_tree+0x8e/0x300
[ 3408.052857]  path_mount+0x1429/0x2120
[ 3408.053884]  ? strncpy_from_user+0x9e/0x470
[ 3408.055045]  ? finish_automount+0xa90/0xa90
[ 3408.056201]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3408.057439]  ? _copy_from_user+0xfb/0x1b0
[ 3408.058550]  __x64_sys_mount+0x282/0x300
[ 3408.059646]  ? copy_mnt_ns+0xa00/0xa00
[ 3408.060683]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3408.062069]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3408.063450]  do_syscall_64+0x33/0x40
[ 3408.064439]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3408.065799] RIP: 0033:0x7f01450cdb19
[ 3408.066796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3408.071710] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3408.073719] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3408.075614] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3408.078044] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3408.079727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3408.081307] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:25:18 executing program 5:
prctl$PR_GET_SECUREBITS(0x1b)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x7f, 0x96, 0x7, 0x2, 0x0, 0xffff, 0x4, 0x5, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7f, 0x0, @perf_bp={&(0x7f0000000000), 0x5}, 0x42, 0x7ff, 0xffffffb1, 0x9, 0x0, 0x3, 0x8, 0x0, 0x1, 0x0, 0x1e}, 0x0, 0x8, 0xffffffffffffffff, 0x3)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r4, 0x1, 0x3d, &(0x7f0000000140), 0x8)
syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r4, 0x0, &(0x7f0000000100)="28d38e9d30e1fccbc6b12f5d773e29067ca25e57b50b554e6d65e4e72793d2a605a0830245cd0634687e69ee1b", 0x2d, 0x1}, 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018400000", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])

11:25:18 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa7150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:18 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x47230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:18 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:19 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 59)

11:25:19 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xf269f816, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:19 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x48000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3408.499903] FAULT_INJECTION: forcing a failure.
[ 3408.499903] name failslab, interval 1, probability 0, space 0, times 0
[ 3408.502516] CPU: 0 PID: 96775 Comm: syz-executor.2 Not tainted 5.10.234 #1
11:25:19 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000140), 0x8)
ioctl$FITHAW(r0, 0xc0045878)

[ 3408.503817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3408.505385] Call Trace:
[ 3408.505861]  dump_stack+0x107/0x167
[ 3408.506509]  should_fail.cold+0x5/0xa
[ 3408.507210]  should_failslab+0x5/0x20
[ 3408.507901]  __kmalloc_track_caller+0x79/0x370
[ 3408.508716]  ? kstrdup_const+0x53/0x80
[ 3408.509411]  kstrdup+0x36/0x70
[ 3408.509996]  kstrdup_const+0x53/0x80
[ 3408.510670]  kvasprintf_const+0x10c/0x1a0
[ 3408.511497]  kobject_set_name_vargs+0x56/0x150
[ 3408.512312]  kobject_init_and_add+0xc9/0x160
[ 3408.513094]  ? kobject_create_and_add+0xb0/0xb0
[ 3408.513930]  ? wait_for_completion_io+0x270/0x270
[ 3408.514788]  ? kernfs_name_hash+0xe7/0x110
[ 3408.515583]  ? kernfs_find_ns+0x256/0x380
[ 3408.516330]  sysfs_slab_add+0x172/0x200
[ 3408.517032]  __kmem_cache_create+0x3db/0x520
[ 3408.517956]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3408.518865]  p9_client_create+0xc6a/0x1230
[ 3408.519646]  ? p9_client_flush+0x430/0x430
[ 3408.520407]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.521188]  ? lockdep_init_map_type+0x2c7/0x780
[ 3408.522043]  ? __raw_spin_lock_init+0x36/0x110
[ 3408.522869]  v9fs_session_init+0x1dd/0x1680
[ 3408.523656]  ? lock_release+0x680/0x680
[ 3408.524382]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3408.525252]  ? v9fs_show_options+0x690/0x690
[ 3408.526052]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.526832]  ? kasan_unpoison_shadow+0x33/0x50
[ 3408.527670]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3408.528581]  v9fs_mount+0x79/0x8f0
[ 3408.529224]  ? v9fs_write_inode+0x60/0x60
[ 3408.529983]  legacy_get_tree+0x105/0x220
[ 3408.530716]  vfs_get_tree+0x8e/0x300
[ 3408.531397]  path_mount+0x1429/0x2120
[ 3408.532089]  ? strncpy_from_user+0x9e/0x470
[ 3408.532866]  ? finish_automount+0xa90/0xa90
[ 3408.533656]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3408.534479]  ? _copy_from_user+0xfb/0x1b0
[ 3408.535238]  __x64_sys_mount+0x282/0x300
[ 3408.535967]  ? copy_mnt_ns+0xa00/0xa00
[ 3408.536679]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3408.537638]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3408.538572]  do_syscall_64+0x33/0x40
[ 3408.539249]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3408.540171] RIP: 0033:0x7f01450cdb19
[ 3408.540872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3408.544219] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3408.545599] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3408.546902] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3408.548180] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3408.549462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3408.550750] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3408.552380] kobject: can not set name properly!
[ 3408.553538] kmem_cache_create(9p-fcall-cache-588) failed with error -12
[ 3408.554770] CPU: 0 PID: 96775 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3408.556020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3408.557511] Call Trace:
[ 3408.557977]  dump_stack+0x107/0x167
[ 3408.558636]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 3408.559590]  p9_client_create+0xc6a/0x1230
[ 3408.560348]  ? p9_client_flush+0x430/0x430
[ 3408.561105]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.561875]  ? lockdep_init_map_type+0x2c7/0x780
[ 3408.562731]  ? __raw_spin_lock_init+0x36/0x110
[ 3408.563553]  v9fs_session_init+0x1dd/0x1680
[ 3408.564320]  ? lock_release+0x680/0x680
[ 3408.565031]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3408.565886]  ? v9fs_show_options+0x690/0x690
[ 3408.566674]  ? trace_hardirqs_on+0x5b/0x180
[ 3408.567463]  ? kasan_unpoison_shadow+0x33/0x50
[ 3408.568275]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3408.569179]  v9fs_mount+0x79/0x8f0
[ 3408.569805]  ? v9fs_write_inode+0x60/0x60
[ 3408.570546]  legacy_get_tree+0x105/0x220
[ 3408.571271]  vfs_get_tree+0x8e/0x300
[ 3408.571929]  path_mount+0x1429/0x2120
[ 3408.572606]  ? strncpy_from_user+0x9e/0x470
[ 3408.573366]  ? finish_automount+0xa90/0xa90
[ 3408.574125]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3408.574960]  ? _copy_from_user+0xfb/0x1b0
[ 3408.575701]  __x64_sys_mount+0x282/0x300
[ 3408.576412]  ? copy_mnt_ns+0xa00/0xa00
[ 3408.577100]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3408.578024]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3408.578950]  do_syscall_64+0x33/0x40
[ 3408.579606]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3408.580507] RIP: 0033:0x7f01450cdb19
[ 3408.581162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3408.584413] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3408.585758] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3408.587009] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3408.588296] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3408.589538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3408.590788] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:25:19 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x48230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:33 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa8150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:33 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:33 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x49230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:33 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:25:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:25:33 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 60)

11:25:33 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xf5ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:33 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3423.006065] FAULT_INJECTION: forcing a failure.
[ 3423.006065] name failslab, interval 1, probability 0, space 0, times 0
[ 3423.009128] CPU: 0 PID: 97296 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3423.010910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3423.013058] Call Trace:
[ 3423.013744]  dump_stack+0x107/0x167
[ 3423.014699]  should_fail.cold+0x5/0xa
[ 3423.015718]  ? create_object.isra.0+0x3a/0xa20
[ 3423.016912]  should_failslab+0x5/0x20
[ 3423.017899]  kmem_cache_alloc+0x5b/0x310
[ 3423.018954]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3423.020377]  create_object.isra.0+0x3a/0xa20
[ 3423.021520]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3423.022858]  __kmalloc_track_caller+0x177/0x370
[ 3423.024088]  ? kstrdup_const+0x53/0x80
[ 3423.025112]  kstrdup+0x36/0x70
[ 3423.025947]  kstrdup_const+0x53/0x80
[ 3423.026924]  __kernfs_new_node+0x9d/0x860
[ 3423.028051]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3423.029299]  ? lock_acquire+0x197/0x470
[ 3423.030345]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3423.031807]  ? lock_release+0x680/0x680
[ 3423.032799]  ? find_held_lock+0x2c/0x110
[ 3423.033821]  kernfs_new_node+0x18d/0x250
[ 3423.034838]  kernfs_create_dir_ns+0x49/0x160
[ 3423.035943]  sysfs_create_dir_ns+0x127/0x290
[ 3423.036866]  ? sysfs_create_mount_point+0xb0/0xb0
[ 3423.037868]  ? rwlock_bug.part.0+0x90/0x90
[ 3423.038752]  ? do_raw_spin_unlock+0x4f/0x220
[ 3423.039691]  kobject_add_internal+0x25e/0xa30
[ 3423.040636]  kobject_init_and_add+0x101/0x160
[ 3423.041568]  ? kobject_create_and_add+0xb0/0xb0
[ 3423.042546]  ? wait_for_completion_io+0x270/0x270
[ 3423.043582]  ? kernfs_name_hash+0xe7/0x110
[ 3423.044471]  ? kernfs_find_ns+0x256/0x380
[ 3423.045346]  sysfs_slab_add+0x172/0x200
[ 3423.046185]  __kmem_cache_create+0x3db/0x520
[ 3423.047118]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3423.048167]  p9_client_create+0xc6a/0x1230
[ 3423.049067]  ? p9_client_flush+0x430/0x430
[ 3423.049962]  ? trace_hardirqs_on+0x5b/0x180
[ 3423.050868]  ? lockdep_init_map_type+0x2c7/0x780
[ 3423.051876]  ? __raw_spin_lock_init+0x36/0x110
[ 3423.052844]  v9fs_session_init+0x1dd/0x1680
[ 3423.053746]  ? lock_release+0x680/0x680
[ 3423.054651]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3423.055673]  ? v9fs_show_options+0x690/0x690
[ 3423.056600]  ? trace_hardirqs_on+0x5b/0x180
[ 3423.057506]  ? kasan_unpoison_shadow+0x33/0x50
[ 3423.058457]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3423.059542]  v9fs_mount+0x79/0x8f0
[ 3423.060287]  ? v9fs_write_inode+0x60/0x60
[ 3423.061159]  legacy_get_tree+0x105/0x220
[ 3423.062009]  vfs_get_tree+0x8e/0x300
[ 3423.062784]  path_mount+0x1429/0x2120
[ 3423.063595]  ? strncpy_from_user+0x9e/0x470
[ 3423.064499]  ? finish_automount+0xa90/0xa90
[ 3423.065390]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3423.066358]  ? _copy_from_user+0xfb/0x1b0
[ 3423.067256]  __x64_sys_mount+0x282/0x300
[ 3423.068108]  ? copy_mnt_ns+0xa00/0xa00
[ 3423.068928]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3423.070029]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3423.071119]  do_syscall_64+0x33/0x40
[ 3423.071912]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3423.072980] RIP: 0033:0x7f01450cdb19
[ 3423.073757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3423.077651] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3423.079265] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3423.080763] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3423.082254] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3423.083746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3423.085241] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
11:25:33 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000006a0bb509af47ba102140ed70edcf0e0f4c3bce28d37122fb3441d461b42f3ba17b1fbac4", @ANYRES32, @ANYBLOB="05000000000000002e2f66696c653000"])
r0 = gettid()
tgkill(r0, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x3f, 0xfe, 0x7f, 0x20, 0x0, 0x5, 0x202c0, 0x4, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0xb8a, 0x2, @perf_config_ext={0x2e3364a8, 0x100000001}, 0x6181, 0x3, 0x0, 0x3, 0x20, 0xffffffff, 0xd9, 0x0, 0x10001, 0x0, 0x200}, r0, 0x6, 0xffffffffffffffff, 0x8)

11:25:33 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xa9150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:49 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fef000/0x2000)=nil, 0x2000, 0x3000004, 0x10010, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
r0 = syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
clock_gettime(0x0, &(0x7f0000000000)={<r4=>0x0, <r5=>0x0})
syz_io_uring_submit(0x0, r2, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x8, &(0x7f0000000080)={r4, r5+10000000}, 0x1, 0x1}, 0x3)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'})

11:25:49 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x4a230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:49 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a9", 0x1f)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0)
r3 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, 0x0, 0x0, 0xfffffffffffffd69, 0x0)
syz_io_uring_setup(0x7781, &(0x7f0000000400)={0x0, 0x69ec, 0x10, 0x0, 0x3aa, 0x0, r3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], 0x18}}, 0x0)
readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/55, 0x37}, {&(0x7f0000000200)=""/108, 0x6c}], 0x4)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000500)={0x0, 0x7e850000, 0x6, 0x0, 0x0, [{{r1}, 0x800}, {{}, 0x2}, {{r4}, 0x20f}, {{r0}, 0x8}, {{r1}, 0x1ff}, {{r5}, 0xffffbffffffff754}]})
syz_open_dev$tty20(0xc, 0x4, 0x0)
unshare(0x48020200)

11:25:49 executing program 6:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, &(0x7f0000000600))
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:49 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:49 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 61)

11:25:49 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xaa150100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

11:25:49 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3439.255053] FAULT_INJECTION: forcing a failure.
[ 3439.255053] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.257720] CPU: 0 PID: 97828 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3439.259204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.261052] Call Trace:
[ 3439.261632]  dump_stack+0x107/0x167
[ 3439.262454]  should_fail.cold+0x5/0xa
[ 3439.263465]  ? __kernfs_new_node+0xd4/0x860
[ 3439.264580]  should_failslab+0x5/0x20
[ 3439.265563]  kmem_cache_alloc+0x5b/0x310
[ 3439.266619]  __kernfs_new_node+0xd4/0x860
[ 3439.267713]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3439.268901]  ? lock_acquire+0x197/0x470
[ 3439.269798]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3439.270912]  ? lock_release+0x680/0x680
[ 3439.271776]  ? find_held_lock+0x2c/0x110
[ 3439.272768]  kernfs_new_node+0x18d/0x250
[ 3439.273631] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=97835 comm=syz-executor.0
[ 3439.273766]  kernfs_create_dir_ns+0x49/0x160
[ 3439.277433]  sysfs_create_dir_ns+0x127/0x290
[ 3439.278645]  ? sysfs_create_mount_point+0xb0/0xb0
[ 3439.279868]  ? rwlock_bug.part.0+0x90/0x90
[ 3439.280987]  ? do_raw_spin_unlock+0x4f/0x220
[ 3439.282132]  kobject_add_internal+0x25e/0xa30
[ 3439.283248]  kobject_init_and_add+0x101/0x160
[ 3439.284398]  ? kobject_create_and_add+0xb0/0xb0
[ 3439.285585]  ? wait_for_completion_io+0x270/0x270
[ 3439.286822]  ? kernfs_name_hash+0xe7/0x110
[ 3439.287961]  ? kernfs_find_ns+0x256/0x380
[ 3439.289072]  sysfs_slab_add+0x172/0x200
[ 3439.290117]  __kmem_cache_create+0x3db/0x520
[ 3439.291281]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3439.292628]  p9_client_create+0xc6a/0x1230
[ 3439.293771]  ? p9_client_flush+0x430/0x430
[ 3439.294883]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.296083]  ? lockdep_init_map_type+0x2c7/0x780
[ 3439.297306]  ? __raw_spin_lock_init+0x36/0x110
[ 3439.298488]  v9fs_session_init+0x1dd/0x1680
[ 3439.299612]  ? lock_release+0x680/0x680
[ 3439.300607]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3439.301625]  ? v9fs_show_options+0x690/0x690
[ 3439.302561]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.303476]  ? kasan_unpoison_shadow+0x33/0x50
[ 3439.304441]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.305506]  v9fs_mount+0x79/0x8f0
[ 3439.306254]  ? v9fs_write_inode+0x60/0x60
[ 3439.307126]  legacy_get_tree+0x105/0x220
[ 3439.307990]  vfs_get_tree+0x8e/0x300
[ 3439.308777]  path_mount+0x1429/0x2120
[ 3439.309587]  ? strncpy_from_user+0x9e/0x470
[ 3439.310486]  ? finish_automount+0xa90/0xa90
[ 3439.311402]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3439.312379]  ? _copy_from_user+0xfb/0x1b0
[ 3439.313256]  __x64_sys_mount+0x282/0x300
[ 3439.314106]  ? copy_mnt_ns+0xa00/0xa00
[ 3439.314928]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.316103]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.317188]  do_syscall_64+0x33/0x40
[ 3439.317972]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.319059] RIP: 0033:0x7f01450cdb19
[ 3439.319855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.323727] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3439.325329] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3439.326834] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3439.328581] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3439.330414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3439.332190] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3439.336827] kobject_add_internal failed for 9p-fcall-cache-590 (error: -12 parent: slab)
[ 3439.339730] kmem_cache_create(9p-fcall-cache-590) failed with error -12
[ 3439.341282] CPU: 0 PID: 97828 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3439.342745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.344567] Call Trace:
[ 3439.345174]  dump_stack+0x107/0x167
[ 3439.345999]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 3439.347198]  p9_client_create+0xc6a/0x1230
[ 3439.348178]  ? p9_client_flush+0x430/0x430
[ 3439.349148]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.350135]  ? lockdep_init_map_type+0x2c7/0x780
[ 3439.351235]  ? __raw_spin_lock_init+0x36/0x110
[ 3439.352268]  v9fs_session_init+0x1dd/0x1680
[ 3439.353270]  ? lock_release+0x680/0x680
[ 3439.354211]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3439.355363]  ? v9fs_show_options+0x690/0x690
[ 3439.356396]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.357410]  ? kasan_unpoison_shadow+0x33/0x50
[ 3439.358473]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.359680]  v9fs_mount+0x79/0x8f0
[ 3439.360517]  ? v9fs_write_inode+0x60/0x60
[ 3439.361493]  legacy_get_tree+0x105/0x220
[ 3439.362448]  vfs_get_tree+0x8e/0x300
[ 3439.363346]  path_mount+0x1429/0x2120
[ 3439.364239]  ? strncpy_from_user+0x9e/0x470
[ 3439.365246]  ? finish_automount+0xa90/0xa90
[ 3439.366248]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3439.367345]  ? _copy_from_user+0xfb/0x1b0
[ 3439.368326]  __x64_sys_mount+0x282/0x300
[ 3439.369280]  ? copy_mnt_ns+0xa00/0xa00
[ 3439.370201]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.371441]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.372587]  do_syscall_64+0x33/0x40
[ 3439.373511]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.374757] RIP: 0033:0x7f01450cdb19
11:25:49 executing program 5:
syz_io_uring_submit(0x0, 0x0, 0x0, 0x1000)
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x800)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000140)={0x20, 0x7, 0x1, 0x0, 0x1, [0x3, 0x1, 0xfffff759, 0x7f]})
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = dup2(r2, r1)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r3, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xf8, 0x0, 0x20, 0x70bd28, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xffff8001}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x68e}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xa05}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40800}, 0x44)
r4 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x30, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)
perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x7f, 0x36, 0xff, 0x0, 0x0, 0x7b, 0x4, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0xa4a7f05c8a155b5c, @perf_bp={&(0x7f0000000180)}, 0x10800, 0x8e8, 0x3, 0x2, 0x81, 0xffffffff, 0x40, 0x0, 0x7fffffff, 0x0, 0x5}, 0xffffffffffffffff, 0x8, r4, 0xa)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x1, 0x3f, 0x1, 0xfc, 0x0, 0x4, 0x8100, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x8001, 0xc5}, 0x8, 0x2, 0x10000, 0x3, 0x7, 0x200, 0xe8, 0x0, 0x1f, 0x0, 0x9}, 0xffffffffffffffff, 0x4, r1, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fef000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000480)=ANY=[@ANYBLOB="0100010073001027e615df18b3f19f198706f6965718000000", @ANYRES32, @ANYBLOB="05000000000000002e2f6669686530008e3a32d25939e23e513051b52029677837bed57bfaf8563b7a49906fa7595f0bfe804413926a5384540a1150d25dec7fe5170c908d81d6f3f065604d808a58a804895620e8d920e85956996236c1136b782ef201fb888ab5be2aac5688443b4d58c29256e906639798821b8e83df783c6cc6d4561e"])
ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628)

[ 3439.375641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.380175] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3439.381822] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3439.383375] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3439.384926] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3439.386464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3439.388015] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3439.455797] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=98080 comm=syz-executor.5
11:25:50 executing program 7:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0xfdffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3439.529764] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=98223 comm=syz-executor.5
11:25:50 executing program 4:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0x1cbb43, 0x0)
ioctl$DVD_READ_STRUCT(r3, 0x5320, &(0x7f0000000000)=@bca={0x3, 0xbc, "c6f5fb2a421d01b730fb444190bd866b5b2aee9eb11fa9875fdcf5e09eb6abd8bd9c39b520dd4cf5a788aceadcd131695edd1f4ad9bc6d1f4ac39d68149ddd836fcacee920cdeff17dc275f3e13dfd35d3a2d1133ec627e85b64255b72dd0dfb6782acab4abf71349a5f1484614018599ececdb081c65ff9ff9ee349179daa58e699d77cc1fc86af074a871bfda5e12bb982e05258c1d365e871b2c18dc701001f2d73b91b07931f7237b8b6154aa2fed6651f00"})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8687095539872aab9887ebccef0290726cd7975fbb5098af2c3054a705cbe6df059013f840060ecb9b6fd83d6dc5f4078d3fefc5ca6140a54aee92baa352fc6169a8e9469eb27cff0ff186cd5032e35d2072760db3e6355f0a11fd09ea62cbb3d94ccca1157ddf2c62e87363e501008c9ac85d59c8984cc86fda8e720c286eb3c1a04e6631206ac07315db8020f3d4ab1cd390d1bd2681bc87bfad69fc5557196f9ca23994a27c0914f23fef8653da668b2c9c165156906592ebe9a90a02441168a1d8ec346a047d833f7e36cf5798c75449d812d41cbfaa51489ca1a5509edf986bce5502c55d74b99c9645567fccaa124f56645d76b4b611bfabf7aa", @ANYRES16=0x0, @ANYBLOB="020025bd7000ffdbdf2501000000000000000b000000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x11)
fstat(r1, 0x0)
tgkill(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='io\x00')
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x5, 0x9d, 0x0, 0xfc, 0x0, 0x0, 0xa080, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x7}, 0x6430, 0x2, 0x1, 0x6, 0x100000000, 0x6, 0x6, 0x0, 0x80000001, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, r0, 0xb)
sendfile(r1, r2, 0x0, 0x100000001)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x488040, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

11:25:50 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_none}]}}) (fail_nth: 62)

11:25:50 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f00000004c0)={0x200000000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100), {0x10}, &(0x7f00000001c0), 0x0, &(0x7f0000000400)=""/80, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x4b230100, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_none}]}})

[ 3439.691710] FAULT_INJECTION: forcing a failure.
[ 3439.691710] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.694147] CPU: 1 PID: 98275 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 3439.695719] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.697501] Call Trace:
[ 3439.698063]  dump_stack+0x107/0x167
[ 3439.698835]  should_fail.cold+0x5/0xa
[ 3439.699682]  ? create_object.isra.0+0x3a/0xa20
[ 3439.700654]  should_failslab+0x5/0x20
[ 3439.701475]  kmem_cache_alloc+0x5b/0x310
[ 3439.702353]  create_object.isra.0+0x3a/0xa20
[ 3439.703283]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.704402]  kmem_cache_alloc+0x159/0x310
[ 3439.705597]  __kernfs_new_node+0xd4/0x860
[ 3439.706490]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3439.707544]  ? lock_acquire+0x197/0x470
[ 3439.708393]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3439.709525]  ? lock_release+0x680/0x680
[ 3439.710365]  ? find_held_lock+0x2c/0x110
[ 3439.711226]  kernfs_new_node+0x18d/0x250
[ 3439.712106]  kernfs_create_dir_ns+0x49/0x160
[ 3439.713048]  sysfs_create_dir_ns+0x127/0x290
[ 3439.713983]  ? sysfs_create_mount_point+0xb0/0xb0
[ 3439.714990]  ? rwlock_bug.part.0+0x90/0x90
[ 3439.715912]  ? do_raw_spin_unlock+0x4f/0x220
[ 3439.716847]  kobject_add_internal+0x25e/0xa30
[ 3439.717808]  kobject_init_and_add+0x101/0x160
[ 3439.718759]  ? kobject_create_and_add+0xb0/0xb0
[ 3439.719768]  ? wait_for_completion_io+0x270/0x270
[ 3439.720918]  ? kernfs_name_hash+0xe7/0x110
[ 3439.721818]  ? kernfs_find_ns+0x256/0x380
[ 3439.722706]  sysfs_slab_add+0x172/0x200
[ 3439.723581]  __kmem_cache_create+0x3db/0x520
[ 3439.724520]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 3439.725585]  p9_client_create+0xc6a/0x1230
[ 3439.726494]  ? p9_client_flush+0x430/0x430
[ 3439.727404]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.728323]  ? lockdep_init_map_type+0x2c7/0x780
[ 3439.729330]  ? __raw_spin_lock_init+0x36/0x110
[ 3439.730305]  v9fs_session_init+0x1dd/0x1680
[ 3439.731218]  ? lock_release+0x680/0x680
[ 3439.732092]  ? kmem_cache_alloc_trace+0x151/0x320
[ 3439.733110]  ? v9fs_show_options+0x690/0x690
[ 3439.734049]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.734953]  ? kasan_unpoison_shadow+0x33/0x50
[ 3439.735922]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.736992]  v9fs_mount+0x79/0x8f0
[ 3439.737741]  ? v9fs_write_inode+0x60/0x60
[ 3439.738624]  legacy_get_tree+0x105/0x220
[ 3439.739550]  vfs_get_tree+0x8e/0x300
[ 3439.740349]  path_mount+0x1429/0x2120
[ 3439.741161]  ? strncpy_from_user+0x9e/0x470
[ 3439.742071]  ? finish_automount+0xa90/0xa90
[ 3439.743101]  ? getname_flags.part.0+0x1dd/0x4f0
[ 3439.744108]  ? _copy_from_user+0xfb/0x1b0
[ 3439.745001]  __x64_sys_mount+0x282/0x300
[ 3439.745872]  ? copy_mnt_ns+0xa00/0xa00
[ 3439.746715]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.747861]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.748974]  do_syscall_64+0x33/0x40
[ 3439.749777]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.750958] RIP: 0033:0x7f01450cdb19
[ 3439.751786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.755789] RSP: 002b:00007f0142643188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3439.757425] RAX: ffffffffffffffda RBX: 00007f01451e0f60 RCX: 00007f01450cdb19
[ 3439.758964] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 3439.760521] RBP: 00007f01426431d0 R08: 0000000020000140 R09: 0000000000000000
[ 3439.762063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3439.763605] R13: 00007ffd8db6f30f R14: 00007f0142643300 R15: 0000000000022000
[ 3458.223442] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff8880461d49c0 (size 32):
  comm "syz-executor.2", pid 97828, jiffies 4298106146 (age 30.732s)
  hex dump (first 32 bytes):
    39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 35  9p-fcall-cache-5
    39 30 00 46 80 88 ff ff 00 00 00 00 00 00 00 00  90.F............
  backtrace:
    [<000000002f028768>] kstrdup+0x36/0x70
    [<0000000077412d42>] kstrdup_const+0x53/0x80
    [<00000000c3494b65>] kvasprintf_const+0x10c/0x1a0
    [<000000006492d591>] kobject_set_name_vargs+0x56/0x150
    [<00000000cad3bf5d>] kobject_init_and_add+0xc9/0x160
    [<000000005eea8042>] sysfs_slab_add+0x172/0x200
    [<00000000c1add115>] __kmem_cache_create+0x3db/0x520
    [<000000006592905b>] kmem_cache_create_usercopy+0x1db/0x2f0
    [<00000000a556b7a8>] p9_client_create+0xc6a/0x1230
    [<00000000488c35b2>] v9fs_session_init+0x1dd/0x1680
    [<000000003232ce63>] v9fs_mount+0x79/0x8f0
    [<00000000de2899a1>] legacy_get_tree+0x105/0x220
    [<00000000736f91a1>] vfs_get_tree+0x8e/0x300
    [<00000000baaf1be2>] path_mount+0x1429/0x2120
    [<0000000098cb7015>] __x64_sys_mount+0x282/0x300
    [<000000003310931f>] do_syscall_64+0x33/0x40

BUG: leak checking failed

VM DIAGNOSIS:
11:26:21  Registers:
info registers vcpu 0
RAX=ffffffff83e7e9b0 RBX=0000000000000000 RCX=ffffffff83e6658c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e7efb8 RBP=0000000000000000 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85678508 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e7e9be RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff40185ef8 CR3=000000001b746000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=3a29323320657a697328203063393464 XMM03=373920646970202c22322e726f747563
XMM04=6c6c6163662d70392020353320643220 XMM05=32206336206336203136203336203636
XMM06=73657479622032332074737269662820 XMM07=2e303320656761282036343136303138
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff83e7e9b0 RBX=0000000000000001 RCX=ffffffff83e6658c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e7efb8 RBP=0000000000000001 RSP=ffff888008987e70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85678508 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e7e9be RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0d11307020 CR3=000000000d694000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000414904f800000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000