7.385605]  kmem_cache_alloc+0x5b/0x310
[  617.386091]  __kernfs_new_node+0xd4/0x860
[  617.386590]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  617.387160]  ? find_held_lock+0x2c/0x110
[  617.387652]  ? kernfs_add_one+0x36e/0x4d0
[  617.388145]  ? lock_downgrade+0x6d0/0x6d0
[  617.388639]  kernfs_new_node+0x18d/0x250
[  617.389123]  __kernfs_create_file+0x51/0x350
[  617.389649]  sysfs_add_file_mode_ns+0x221/0x560
[  617.389885] 9pnet: Insufficient options for proto=fd
[  617.390205]  internal_create_group+0x324/0xb30
[  617.390220]  ? sysfs_remove_group+0x170/0x170
[  617.390228]  ? kernfs_create_dir_ns+0x10b/0x160
[  617.390240]  ? sysfs_create_dir_ns+0x139/0x290
[  617.390259]  ? sysfs_create_dir_ns+0x177/0x290
[  617.394334]  ? sysfs_create_mount_point+0xb0/0xb0
[  617.394912]  internal_create_groups.part.0+0x90/0x140
[  617.395544]  sysfs_create_groups+0x25/0x50
[  617.396053]  kobject_add_internal+0x550/0xa30
[  617.396592]  kobject_init_and_add+0x101/0x160
[  617.397134]  ? kobject_create_and_add+0xb0/0xb0
[  617.397707]  netdev_queue_update_kobjects+0x13b/0x3e0
[  617.398335]  netif_set_real_num_tx_queues+0x1ba/0x790
[  617.398963]  tun_attach.isra.0+0x610/0x1760
[  617.399502]  __tun_chr_ioctl+0x173c/0x3f40
[  617.400013]  ? __mutex_unlock_slowpath+0xe1/0x600
[  617.400590]  ? tun_chr_poll+0x700/0x700
[  617.401064]  ? wait_for_completion_io+0x270/0x270
[  617.401642]  ? selinux_file_ioctl+0xb6/0x270
[  617.402169]  ? tun_chr_compat_ioctl+0x30/0x30
[  617.402709]  __x64_sys_ioctl+0x19a/0x210
[  617.403196]  do_syscall_64+0x33/0x40
[  617.403649]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  617.404256] RIP: 0033:0x7f6888bfdb19
[  617.404703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  617.406909] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  617.407821] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  617.408666] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  617.409513] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  617.410358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  617.411205] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:13:44 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:13:44 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:13:44 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  617.475453] kobject_add_internal failed for tx-1 (error: -12 parent: queues)
08:13:44 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

[  617.493672] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=5833 comm=syz-executor.0
08:13:44 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x9, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:13:44 executing program 7:
openat(0xffffffffffffff9c, 0x0, 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:13:44 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:13:44 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 11)

[  617.592883] FAULT_INJECTION: forcing a failure.
[  617.592883] name failslab, interval 1, probability 0, space 0, times 0
[  617.594258] CPU: 1 PID: 5866 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  617.595029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  617.595979] Call Trace:
[  617.596285]  dump_stack+0x107/0x167
[  617.596697]  should_fail.cold+0x5/0xa
[  617.597136]  ? create_object.isra.0+0x3a/0xa20
[  617.597654]  should_failslab+0x5/0x20
[  617.598093]  kmem_cache_alloc+0x5b/0x310
[  617.598554]  create_object.isra.0+0x3a/0xa20
[  617.599059]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  617.599649]  kmem_cache_alloc+0x159/0x310
[  617.600127]  __kernfs_new_node+0xd4/0x860
[  617.600601]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  617.601147]  ? find_held_lock+0x2c/0x110
[  617.601611]  ? kernfs_add_one+0x36e/0x4d0
[  617.602083]  ? lock_downgrade+0x6d0/0x6d0
[  617.602553]  kernfs_new_node+0x18d/0x250
[  617.603016]  __kernfs_create_file+0x51/0x350
[  617.603525]  sysfs_add_file_mode_ns+0x221/0x560
[  617.604060]  internal_create_group+0x324/0xb30
[  617.604586]  ? sysfs_remove_group+0x170/0x170
[  617.605096]  ? kernfs_create_dir_ns+0x10b/0x160
[  617.605629]  ? sysfs_create_dir_ns+0x139/0x290
[  617.606145]  ? sysfs_create_dir_ns+0x177/0x290
[  617.606659]  ? sysfs_create_mount_point+0xb0/0xb0
[  617.607205]  internal_create_groups.part.0+0x90/0x140
[  617.607801]  sysfs_create_groups+0x25/0x50
[  617.608280]  kobject_add_internal+0x550/0xa30
[  617.608792]  kobject_init_and_add+0x101/0x160
[  617.609305]  ? kobject_create_and_add+0xb0/0xb0
[  617.609846]  netdev_queue_update_kobjects+0x13b/0x3e0
[  617.610442]  netif_set_real_num_tx_queues+0x1ba/0x790
[  617.611035]  tun_attach.isra.0+0x610/0x1760
[  617.611548]  __tun_chr_ioctl+0x173c/0x3f40
[  617.612037]  ? __mutex_unlock_slowpath+0xe1/0x600
[  617.612586]  ? tun_chr_poll+0x700/0x700
[  617.613039]  ? wait_for_completion_io+0x270/0x270
[  617.613599]  ? selinux_file_ioctl+0xb6/0x270
[  617.614106]  ? tun_chr_compat_ioctl+0x30/0x30
[  617.614626]  __x64_sys_ioctl+0x19a/0x210
[  617.615095]  do_syscall_64+0x33/0x40
[  617.615533]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  617.616121] RIP: 0033:0x7f6888bfdb19
[  617.616551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  617.618652] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  617.619533] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  617.620340] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  617.621158] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  617.621968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  617.622780] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:14:00 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

08:14:00 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:00 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 12)

08:14:00 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:00 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:14:00 executing program 7:
openat(0xffffffffffffff9c, 0x0, 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x3, 0x0, 0x0, &(0x7f0000000180))

08:14:00 executing program 7:
openat(0xffffffffffffff9c, 0x0, 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4, 0x0, 0x0, &(0x7f0000000180))

[  632.980604] FAULT_INJECTION: forcing a failure.
[  632.980604] name failslab, interval 1, probability 0, space 0, times 0
[  632.983136] CPU: 1 PID: 5886 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  632.984570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  632.986297] Call Trace:
[  632.986859]  dump_stack+0x107/0x167
[  632.987636]  should_fail.cold+0x5/0xa
[  632.988442]  ? __kernfs_new_node+0xd4/0x860
[  632.989352]  should_failslab+0x5/0x20
[  632.990150]  kmem_cache_alloc+0x5b/0x310
[  632.991004]  __kernfs_new_node+0xd4/0x860
[  632.991883]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  632.992878]  ? __mutex_unlock_slowpath+0xe1/0x600
[  632.993895]  ? wait_for_completion_io+0x270/0x270
[  632.994906]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  632.996051]  kernfs_new_node+0x18d/0x250
[  632.996906]  __kernfs_create_file+0x51/0x350
[  632.997838]  sysfs_add_file_mode_ns+0x221/0x560
[  632.998819]  internal_create_group+0x324/0xb30
[  632.999796]  ? sysfs_remove_group+0x170/0x170
[  633.000730]  ? kernfs_create_dir_ns+0x10b/0x160
[  633.001707]  ? sysfs_create_dir_ns+0x139/0x290
[  633.002671]  ? sysfs_create_dir_ns+0x177/0x290
[  633.003675]  ? sysfs_create_mount_point+0xb0/0xb0
[  633.004689]  internal_create_groups.part.0+0x90/0x140
[  633.005773]  sysfs_create_groups+0x25/0x50
[  633.006663]  kobject_add_internal+0x550/0xa30
[  633.007626]  kobject_init_and_add+0x101/0x160
[  633.008567]  ? kobject_create_and_add+0xb0/0xb0
[  633.009569]  netdev_queue_update_kobjects+0x13b/0x3e0
[  633.010668]  netif_set_real_num_tx_queues+0x1ba/0x790
[  633.011788]  tun_attach.isra.0+0x610/0x1760
[  633.012724]  __tun_chr_ioctl+0x173c/0x3f40
[  633.013621]  ? __mutex_unlock_slowpath+0xe1/0x600
[  633.014624]  ? tun_chr_poll+0x700/0x700
[  633.015455]  ? wait_for_completion_io+0x270/0x270
[  633.016484]  ? selinux_file_ioctl+0xb6/0x270
[  633.017412]  ? tun_chr_compat_ioctl+0x30/0x30
[  633.018378]  __x64_sys_ioctl+0x19a/0x210
[  633.018560] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=5895 comm=syz-executor.0
[  633.019229]  do_syscall_64+0x33/0x40
[  633.019249]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  633.019261] RIP: 0033:0x7f6888bfdb19
[  633.019278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  633.019297] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  633.029810] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  633.031296] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  633.032794] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  633.034289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  633.035815] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:14:00 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x5, 0x0, 0x0, &(0x7f0000000180))

08:14:00 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:14:00 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  633.143061] 9pnet: Insufficient options for proto=fd
08:14:00 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x10, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6, 0x0, 0x0, &(0x7f0000000180))

[  633.181211] kobject_add_internal failed for tx-1 (error: -12 parent: queues)
[  633.298711] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=5927 comm=syz-executor.0
08:14:14 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x300, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:14 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 13)

08:14:14 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:14 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7, 0x0, 0x0, &(0x7f0000000180))

08:14:14 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:14:14 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

[  647.459915] 9pnet: Insufficient options for proto=fd
08:14:14 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xa, 0x0, 0x0, &(0x7f0000000180))

08:14:14 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x483, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  647.509383] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=5961 comm=syz-executor.0
[  647.518194] FAULT_INJECTION: forcing a failure.
[  647.518194] name failslab, interval 1, probability 0, space 0, times 0
[  647.520721] CPU: 1 PID: 5963 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  647.522239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  647.524062] Call Trace:
[  647.524653]  dump_stack+0x107/0x167
[  647.525456]  should_fail.cold+0x5/0xa
[  647.526305]  ? create_object.isra.0+0x3a/0xa20
[  647.527315]  should_failslab+0x5/0x20
[  647.528163]  kmem_cache_alloc+0x5b/0x310
[  647.529054]  create_object.isra.0+0x3a/0xa20
[  647.530024]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  647.531151]  kmem_cache_alloc+0x159/0x310
[  647.532083]  __kernfs_new_node+0xd4/0x860
[  647.532995]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  647.534044]  ? __mutex_unlock_slowpath+0xe1/0x600
[  647.535099]  ? wait_for_completion_io+0x270/0x270
[  647.536190]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  647.537334]  kernfs_new_node+0x18d/0x250
[  647.538251]  __kernfs_create_file+0x51/0x350
[  647.539226]  sysfs_add_file_mode_ns+0x221/0x560
[  647.540274]  internal_create_group+0x324/0xb30
[  647.541281]  ? sysfs_remove_group+0x170/0x170
[  647.542252]  ? kernfs_create_dir_ns+0x10b/0x160
[  647.543262]  ? sysfs_create_dir_ns+0x139/0x290
[  647.544289]  ? sysfs_create_dir_ns+0x177/0x290
[  647.545378]  ? sysfs_create_mount_point+0xb0/0xb0
[  647.546649]  internal_create_groups.part.0+0x90/0x140
[  647.547972]  sysfs_create_groups+0x25/0x50
[  647.548935]  kobject_add_internal+0x550/0xa30
[  647.549945]  kobject_init_and_add+0x101/0x160
[  647.551065]  ? kobject_create_and_add+0xb0/0xb0
[  647.552410]  netdev_queue_update_kobjects+0x13b/0x3e0
[  647.553852]  netif_set_real_num_tx_queues+0x1ba/0x790
[  647.555306]  tun_attach.isra.0+0x610/0x1760
[  647.556545]  __tun_chr_ioctl+0x173c/0x3f40
[  647.557726]  ? __mutex_unlock_slowpath+0xe1/0x600
[  647.558992]  ? tun_chr_poll+0x700/0x700
[  647.560047]  ? wait_for_completion_io+0x270/0x270
[  647.561324]  ? selinux_file_ioctl+0xb6/0x270
[  647.562344]  ? tun_chr_compat_ioctl+0x30/0x30
[  647.563365]  __x64_sys_ioctl+0x19a/0x210
[  647.564352]  do_syscall_64+0x33/0x40
[  647.565390]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  647.566829] RIP: 0033:0x7f6888bfdb19
[  647.567889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  647.573073] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  647.575223] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  647.577266] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  647.579316] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  647.580690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  647.581810] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:14:14 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

[  647.636905] 9pnet: Insufficient options for proto=fd
08:14:14 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x500, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:14 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  647.786646] 9pnet: Insufficient options for proto=fd
[  647.828198] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=5999 comm=syz-executor.0
08:14:29 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:29 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf, 0x0, 0x0, &(0x7f0000000180))

08:14:29 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 14)

08:14:29 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:29 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x600, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:29 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:29 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:29 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:29 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x10, 0x0, 0x0, &(0x7f0000000180))

[  662.314156] 9pnet: Insufficient options for proto=fd
08:14:29 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x700, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  662.341250] FAULT_INJECTION: forcing a failure.
[  662.341250] name failslab, interval 1, probability 0, space 0, times 0
[  662.343793] CPU: 0 PID: 6033 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  662.345258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  662.347009] Call Trace:
[  662.347574]  dump_stack+0x107/0x167
[  662.348355]  should_fail.cold+0x5/0xa
[  662.349173]  ? __kernfs_new_node+0xd4/0x860
[  662.350104]  should_failslab+0x5/0x20
[  662.350919]  kmem_cache_alloc+0x5b/0x310
[  662.351783]  __kernfs_new_node+0xd4/0x860
[  662.352680]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  662.353686]  ? __mutex_unlock_slowpath+0xe1/0x600
[  662.354714]  ? wait_for_completion_io+0x270/0x270
[  662.355746]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  662.356836] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6020 comm=syz-executor.0
[  662.356868]  kernfs_new_node+0x18d/0x250
[  662.360003]  __kernfs_create_file+0x51/0x350
[  662.360935]  sysfs_add_file_mode_ns+0x221/0x560
[  662.361933]  internal_create_group+0x324/0xb30
[  662.362908]  ? sysfs_remove_group+0x170/0x170
[  662.363862]  ? kernfs_create_dir_ns+0x10b/0x160
[  662.364842]  ? sysfs_create_dir_ns+0x139/0x290
[  662.365816]  ? sysfs_create_dir_ns+0x177/0x290
[  662.366787]  ? sysfs_create_mount_point+0xb0/0xb0
[  662.367828]  internal_create_groups.part.0+0x90/0x140
[  662.368922]  sysfs_create_groups+0x25/0x50
[  662.369153] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6028 comm=syz-executor.6
[  662.369819]  kobject_add_internal+0x550/0xa30
[  662.369851]  kobject_init_and_add+0x101/0x160
[  662.373982]  ? kobject_create_and_add+0xb0/0xb0
[  662.374988]  netdev_queue_update_kobjects+0x13b/0x3e0
[  662.376100]  netif_set_real_num_tx_queues+0x1ba/0x790
[  662.377213]  tun_attach.isra.0+0x610/0x1760
[  662.378151]  __tun_chr_ioctl+0x173c/0x3f40
[  662.379075]  ? __mutex_unlock_slowpath+0xe1/0x600
[  662.380111]  ? tun_chr_poll+0x700/0x700
[  662.380951]  ? wait_for_completion_io+0x270/0x270
[  662.381983]  ? selinux_file_ioctl+0xb6/0x270
[  662.382918]  ? tun_chr_compat_ioctl+0x30/0x30
[  662.383879]  __x64_sys_ioctl+0x19a/0x210
[  662.384743]  do_syscall_64+0x33/0x40
[  662.385531]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  662.386612] RIP: 0033:0x7f6888bfdb19
[  662.387405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  662.391333] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
08:14:29 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  662.392970] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  662.394655] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  662.396184] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  662.397703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  662.399214] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  662.482573] 9pnet: Insufficient options for proto=fd
[  662.520781] kobject_add_internal failed for tx-1 (error: -12 parent: queues)
08:14:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x11, 0x0, 0x0, &(0x7f0000000180))

08:14:43 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 15)

08:14:43 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x900, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:43 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:14:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2c, 0x0, 0x0, &(0x7f0000000180))

[  676.183936] FAULT_INJECTION: forcing a failure.
[  676.183936] name failslab, interval 1, probability 0, space 0, times 0
[  676.186388] CPU: 0 PID: 6069 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  676.187829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  676.189575] Call Trace:
[  676.190127]  dump_stack+0x107/0x167
[  676.190887]  should_fail.cold+0x5/0xa
[  676.191686]  ? create_object.isra.0+0x3a/0xa20
[  676.192654]  should_failslab+0x5/0x20
[  676.193458]  kmem_cache_alloc+0x5b/0x310
[  676.194314]  create_object.isra.0+0x3a/0xa20
[  676.195234]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  676.196313]  kmem_cache_alloc+0x159/0x310
[  676.197194]  __kernfs_new_node+0xd4/0x860
[  676.198063]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  676.199059]  ? __mutex_unlock_slowpath+0xe1/0x600
[  676.200077]  ? wait_for_completion_io+0x270/0x270
[  676.200348] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6073 comm=syz-executor.0
[  676.201084]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  676.201108]  kernfs_new_node+0x18d/0x250
[  676.201131]  __kernfs_create_file+0x51/0x350
[  676.201163]  sysfs_add_file_mode_ns+0x221/0x560
[  676.207472]  internal_create_group+0x324/0xb30
[  676.208443]  ? sysfs_remove_group+0x170/0x170
[  676.209381]  ? kernfs_create_dir_ns+0x10b/0x160
[  676.210358]  ? sysfs_create_dir_ns+0x139/0x290
[  676.211324]  ? sysfs_create_dir_ns+0x177/0x290
[  676.212294]  ? sysfs_create_mount_point+0xb0/0xb0
[  676.213305]  internal_create_groups.part.0+0x90/0x140
[  676.214342] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6075 comm=syz-executor.6
[  676.214393]  sysfs_create_groups+0x25/0x50
[  676.217786]  kobject_add_internal+0x550/0xa30
[  676.218729]  kobject_init_and_add+0x101/0x160
[  676.219673]  ? kobject_create_and_add+0xb0/0xb0
[  676.220700]  netdev_queue_update_kobjects+0x13b/0x3e0
[  676.221796]  netif_set_real_num_tx_queues+0x1ba/0x790
[  676.222879]  tun_attach.isra.0+0x610/0x1760
[  676.223803]  __tun_chr_ioctl+0x173c/0x3f40
[  676.224707]  ? __mutex_unlock_slowpath+0xe1/0x600
[  676.225712]  ? tun_chr_poll+0x700/0x700
[  676.226543]  ? wait_for_completion_io+0x270/0x270
[  676.227568]  ? selinux_file_ioctl+0xb6/0x270
[  676.228505]  ? tun_chr_compat_ioctl+0x30/0x30
[  676.229449]  __x64_sys_ioctl+0x19a/0x210
[  676.230300]  do_syscall_64+0x33/0x40
[  676.231085]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  676.232164] RIP: 0033:0x7f6888bfdb19
[  676.232937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.236811] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  676.238458] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  676.240014] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  676.241540] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  676.243061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.244603] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:14:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x48, 0x0, 0x0, &(0x7f0000000180))

08:14:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:43 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x1020, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4c, 0x0, 0x0, &(0x7f0000000180))

[  676.473643] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6100 comm=syz-executor.0
[  676.490630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6102 comm=syz-executor.6
08:14:43 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 16)

08:14:43 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:14:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x0, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  676.609471] FAULT_INJECTION: forcing a failure.
[  676.609471] name failslab, interval 1, probability 0, space 0, times 0
[  676.612007] CPU: 0 PID: 6121 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  676.613485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  676.615264] Call Trace:
[  676.615839]  dump_stack+0x107/0x167
[  676.616642]  should_fail.cold+0x5/0xa
[  676.617483]  ? __kernfs_new_node+0xd4/0x860
[  676.618432]  should_failslab+0x5/0x20
[  676.619263]  kmem_cache_alloc+0x5b/0x310
[  676.620163]  __kernfs_new_node+0xd4/0x860
[  676.621076]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  676.622090]  ? __mutex_unlock_slowpath+0xe1/0x600
[  676.623112]  ? wait_for_completion_io+0x270/0x270
[  676.624176]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  676.625286]  kernfs_new_node+0x18d/0x250
[  676.626143]  __kernfs_create_file+0x51/0x350
[  676.627071]  sysfs_add_file_mode_ns+0x221/0x560
[  676.628062]  internal_create_group+0x324/0xb30
[  676.629028]  ? sysfs_remove_group+0x170/0x170
[  676.629970]  ? kernfs_create_dir_ns+0x10b/0x160
[  676.630948]  ? sysfs_create_dir_ns+0x139/0x290
[  676.631899]  ? sysfs_create_dir_ns+0x177/0x290
[  676.632868]  ? sysfs_create_mount_point+0xb0/0xb0
[  676.633884]  internal_create_groups.part.0+0x90/0x140
[  676.634975]  sysfs_create_groups+0x25/0x50
[  676.635871]  kobject_add_internal+0x550/0xa30
[  676.636836]  kobject_init_and_add+0x101/0x160
[  676.637788]  ? kobject_create_and_add+0xb0/0xb0
[  676.638791]  netdev_queue_update_kobjects+0x13b/0x3e0
[  676.639883]  netif_set_real_num_tx_queues+0x1ba/0x790
[  676.640994]  tun_attach.isra.0+0x610/0x1760
[  676.641942]  __tun_chr_ioctl+0x173c/0x3f40
[  676.642841]  ? __mutex_unlock_slowpath+0xe1/0x600
[  676.643852]  ? tun_chr_poll+0x700/0x700
[  676.644692]  ? wait_for_completion_io+0x270/0x270
[  676.645709]  ? selinux_file_ioctl+0xb6/0x270
[  676.646626]  ? tun_chr_compat_ioctl+0x30/0x30
[  676.647572]  __x64_sys_ioctl+0x19a/0x210
[  676.648440]  do_syscall_64+0x33/0x40
[  676.649212]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  676.650288] RIP: 0033:0x7f6888bfdb19
[  676.651085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  676.654920] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  676.656505] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  676.657989] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  676.659480] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  676.660979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  676.662452] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  676.748245] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6130 comm=syz-executor.0
[  676.753946] kobject_add_internal failed for tx-1 (error: -12 parent: queues)
08:14:59 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:59 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:14:59 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 17)

08:14:59 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2010, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:59 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x68, 0x0, 0x0, &(0x7f0000000180))

08:14:59 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:14:59 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:59 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x0, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:14:59 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6c, 0x0, 0x0, &(0x7f0000000180))

08:14:59 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8304, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  692.575106] FAULT_INJECTION: forcing a failure.
[  692.575106] name failslab, interval 1, probability 0, space 0, times 0
[  692.577511] CPU: 1 PID: 6152 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  692.578955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  692.580718] Call Trace:
[  692.581284]  dump_stack+0x107/0x167
[  692.582058]  should_fail.cold+0x5/0xa
[  692.582871]  ? create_object.isra.0+0x3a/0xa20
[  692.583844]  should_failslab+0x5/0x20
[  692.584658]  kmem_cache_alloc+0x5b/0x310
[  692.585529]  create_object.isra.0+0x3a/0xa20
[  692.586484]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  692.587547]  kmem_cache_alloc+0x159/0x310
[  692.588441]  __kernfs_new_node+0xd4/0x860
[  692.589313]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  692.590272]  ? __mutex_unlock_slowpath+0xe1/0x600
[  692.591283]  ? wait_for_completion_io+0x270/0x270
[  692.592306]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  692.593404]  kernfs_new_node+0x18d/0x250
[  692.594262]  __kernfs_create_file+0x51/0x350
[  692.595195]  sysfs_add_file_mode_ns+0x221/0x560
[  692.596189]  internal_create_group+0x324/0xb30
[  692.597151]  ? sysfs_remove_group+0x170/0x170
[  692.598090]  ? kernfs_create_dir_ns+0x10b/0x160
[  692.599070]  ? sysfs_create_dir_ns+0x139/0x290
[  692.600001]  ? sysfs_create_dir_ns+0x177/0x290
[  692.600962]  ? sysfs_create_mount_point+0xb0/0xb0
[  692.601976]  internal_create_groups.part.0+0x90/0x140
[  692.602828] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6164 comm=syz-executor.0
[  692.603059]  sysfs_create_groups+0x25/0x50
[  692.603080]  kobject_add_internal+0x550/0xa30
[  692.603107]  kobject_init_and_add+0x101/0x160
[  692.603125]  ? kobject_create_and_add+0xb0/0xb0
[  692.603164]  netdev_queue_update_kobjects+0x13b/0x3e0
[  692.603192]  netif_set_real_num_tx_queues+0x1ba/0x790
[  692.603219]  tun_attach.isra.0+0x610/0x1760
[  692.603259]  __tun_chr_ioctl+0x173c/0x3f40
[  692.613308]  ? __mutex_unlock_slowpath+0xe1/0x600
[  692.614323]  ? tun_chr_poll+0x700/0x700
[  692.615159]  ? wait_for_completion_io+0x270/0x270
[  692.616190]  ? selinux_file_ioctl+0xb6/0x270
[  692.617115]  ? tun_chr_compat_ioctl+0x30/0x30
[  692.618069]  __x64_sys_ioctl+0x19a/0x210
[  692.618924]  do_syscall_64+0x33/0x40
[  692.619720]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  692.620814] RIP: 0033:0x7f6888bfdb19
[  692.621602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  692.625383] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  692.626997] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  692.628513] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  692.630020] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  692.631544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  692.633064] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:14:59 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x74, 0x0, 0x0, &(0x7f0000000180))

08:14:59 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xedc0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:14:59 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x0, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:00 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:00 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  692.891182] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6180 comm=syz-executor.0
08:15:22 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:15:22 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x80000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:15:22 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 18)

08:15:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7a, 0x0, 0x0, &(0x7f0000000180))

08:15:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  715.444637] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6208 comm=syz-executor.0
[  715.459522] FAULT_INJECTION: forcing a failure.
[  715.459522] name failslab, interval 1, probability 0, space 0, times 0
[  715.460922] CPU: 0 PID: 6209 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  715.461746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  715.462747] Call Trace:
[  715.463077]  dump_stack+0x107/0x167
[  715.463526]  should_fail.cold+0x5/0xa
[  715.464000]  ? __kernfs_new_node+0xd4/0x860
[  715.464541]  should_failslab+0x5/0x20
[  715.465010]  kmem_cache_alloc+0x5b/0x310
[  715.465515]  __kernfs_new_node+0xd4/0x860
[  715.466030]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  715.466613]  ? __mutex_unlock_slowpath+0xe1/0x600
[  715.467206]  ? wait_for_completion_io+0x270/0x270
[  715.467799]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  715.468457]  kernfs_new_node+0x18d/0x250
[  715.469091]  __kernfs_create_file+0x51/0x350
[  715.469687]  sysfs_add_file_mode_ns+0x221/0x560
[  715.470266]  internal_create_group+0x324/0xb30
[  715.470828]  ? sysfs_remove_group+0x170/0x170
[  715.471374]  ? kernfs_create_dir_ns+0x10b/0x160
[  715.471946]  ? sysfs_create_dir_ns+0x139/0x290
[  715.472506]  ? sysfs_create_dir_ns+0x177/0x290
[  715.473064]  ? sysfs_create_mount_point+0xb0/0xb0
[  715.473655]  internal_create_groups.part.0+0x90/0x140
[  715.474286]  sysfs_create_groups+0x25/0x50
[  715.474804]  kobject_add_internal+0x550/0xa30
[  715.475329]  kobject_init_and_add+0x101/0x160
[  715.475849]  ? kobject_create_and_add+0xb0/0xb0
[  715.476408]  netdev_queue_update_kobjects+0x13b/0x3e0
[  715.477015]  netif_set_real_num_tx_queues+0x1ba/0x790
[  715.477619]  tun_attach.isra.0+0x610/0x1760
[  715.478136]  __tun_chr_ioctl+0x173c/0x3f40
[  715.478628]  ? __mutex_unlock_slowpath+0xe1/0x600
[  715.479186]  ? tun_chr_poll+0x700/0x700
[  715.479646]  ? wait_for_completion_io+0x270/0x270
[  715.480213]  ? selinux_file_ioctl+0xb6/0x270
[  715.480754]  ? tun_chr_compat_ioctl+0x30/0x30
[  715.481285]  __x64_sys_ioctl+0x19a/0x210
[  715.481760]  do_syscall_64+0x33/0x40
[  715.482196]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  715.482790] RIP: 0033:0x7f6888bfdb19
[  715.483221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.485388] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  715.486277] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  715.487121] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  715.487953] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  715.488785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.489608] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:15:22 executing program 6:
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xe0ffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2f0, 0x0, 0x0, &(0x7f0000000180))

[  715.631384] kobject_add_internal failed for tx-1 (error: -12 parent: queues)
08:15:36 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:36 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 19)

08:15:36 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:15:36 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:15:36 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x1000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x300, 0x0, 0x0, &(0x7f0000000180))

08:15:36 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:36 executing program 6:
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x480, 0x0, 0x0, &(0x7f0000000180))

[  729.710256] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6260 comm=syz-executor.0
[  729.713845] FAULT_INJECTION: forcing a failure.
[  729.713845] name failslab, interval 1, probability 0, space 0, times 0
[  729.715223] CPU: 0 PID: 6276 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  729.716048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  729.717057] Call Trace:
[  729.717381]  dump_stack+0x107/0x167
[  729.717822]  should_fail.cold+0x5/0xa
[  729.718289]  ? create_object.isra.0+0x3a/0xa20
[  729.718846]  should_failslab+0x5/0x20
[  729.719308]  kmem_cache_alloc+0x5b/0x310
[  729.719802]  create_object.isra.0+0x3a/0xa20
[  729.720340]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  729.720969]  kmem_cache_alloc+0x159/0x310
[  729.721480]  __kernfs_new_node+0xd4/0x860
[  729.721994]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  729.722573]  ? __mutex_unlock_slowpath+0xe1/0x600
[  729.723157]  ? wait_for_completion_io+0x270/0x270
[  729.723746]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  729.724384]  kernfs_new_node+0x18d/0x250
[  729.724887]  __kernfs_create_file+0x51/0x350
[  729.725425]  sysfs_add_file_mode_ns+0x221/0x560
[  729.726004]  internal_create_group+0x324/0xb30
[  729.726561]  ? sysfs_remove_group+0x170/0x170
[  729.727105]  ? kernfs_create_dir_ns+0x10b/0x160
[  729.727671]  ? sysfs_create_dir_ns+0x139/0x290
[  729.728219]  ? sysfs_create_dir_ns+0x177/0x290
[  729.728783]  ? sysfs_create_mount_point+0xb0/0xb0
[  729.729365]  internal_create_groups.part.0+0x90/0x140
[  729.729987]  sysfs_create_groups+0x25/0x50
[  729.730501]  kobject_add_internal+0x550/0xa30
[  729.731050]  kobject_init_and_add+0x101/0x160
[  729.731592]  ? kobject_create_and_add+0xb0/0xb0
[  729.732168]  netdev_queue_update_kobjects+0x13b/0x3e0
[  729.732818]  netif_set_real_num_tx_queues+0x1ba/0x790
[  729.733446]  tun_attach.isra.0+0x610/0x1760
[  729.733981]  __tun_chr_ioctl+0x173c/0x3f40
[  729.734493]  ? __mutex_unlock_slowpath+0xe1/0x600
[  729.735076]  ? tun_chr_poll+0x700/0x700
[  729.735554]  ? wait_for_completion_io+0x270/0x270
[  729.736146]  ? selinux_file_ioctl+0xb6/0x270
[  729.736692]  ? tun_chr_compat_ioctl+0x30/0x30
[  729.737239]  __x64_sys_ioctl+0x19a/0x210
[  729.737737]  do_syscall_64+0x33/0x40
[  729.738193]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  729.738811] RIP: 0033:0x7f6888bfdb19
[  729.739260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  729.741504] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  729.742429] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  729.743294] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  729.744154] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  729.745023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  729.745887] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:15:37 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:15:37 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x500, 0x0, 0x0, &(0x7f0000000180))

08:15:37 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:37 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x3000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:37 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:15:37 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x600, 0x0, 0x0, &(0x7f0000000180))

[  729.847414] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6293 comm=syz-executor.0
08:15:37 executing program 6:
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:37 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:52 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x4000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:52 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(0x0, 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:52 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x700, 0x0, 0x0, &(0x7f0000000180))

08:15:52 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:52 executing program 6:
clone3(0x0, 0x0)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:52 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:15:52 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x80, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:15:52 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 20)

08:15:52 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x5000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:52 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xa00, 0x0, 0x0, &(0x7f0000000180))

[  745.144583] FAULT_INJECTION: forcing a failure.
[  745.144583] name failslab, interval 1, probability 0, space 0, times 0
[  745.147107] CPU: 1 PID: 6342 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  745.148556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  745.150346] Call Trace:
[  745.150902]  dump_stack+0x107/0x167
[  745.151681]  should_fail.cold+0x5/0xa
[  745.152499]  ? __kernfs_new_node+0xd4/0x860
[  745.153438]  should_failslab+0x5/0x20
[  745.154252]  kmem_cache_alloc+0x5b/0x310
[  745.155124]  __kernfs_new_node+0xd4/0x860
[  745.155184] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6335 comm=syz-executor.0
[  745.155998]  ? kernfs_put+0x31/0x50
[  745.156017]  ? internal_create_group+0x629/0xb30
[  745.156037]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  745.156059]  ? sysfs_remove_group+0x170/0x170
[  745.156073]  ? kernfs_create_dir_ns+0x10b/0x160
[  745.156102]  ? map_id_range_down+0x1c4/0x340
[  745.156125]  ? projid_m_show+0x220/0x220
[  745.156148]  kernfs_new_node+0x18d/0x250
[  745.156170]  kernfs_create_dir_ns+0x49/0x160
[  745.156196]  internal_create_group+0x793/0xb30
[  745.167859]  ? kobject_create_and_add+0xb0/0xb0
[  745.168859]  ? sysfs_remove_group+0x170/0x170
[  745.169821]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  745.170937]  netif_set_real_num_tx_queues+0x1ba/0x790
[  745.172034]  tun_attach.isra.0+0x610/0x1760
[  745.172980]  __tun_chr_ioctl+0x173c/0x3f40
[  745.173883]  ? __mutex_unlock_slowpath+0xe1/0x600
[  745.174910]  ? tun_chr_poll+0x700/0x700
[  745.175757]  ? wait_for_completion_io+0x270/0x270
[  745.176802]  ? selinux_file_ioctl+0xb6/0x270
[  745.177745]  ? tun_chr_compat_ioctl+0x30/0x30
[  745.178708]  __x64_sys_ioctl+0x19a/0x210
[  745.179583]  do_syscall_64+0x33/0x40
[  745.180380]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  745.181477] RIP: 0033:0x7f6888bfdb19
[  745.182270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  745.186168] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  745.187779] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  745.189307] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  745.190801] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  745.192290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  745.193815] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:15:52 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:52 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:15:52 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x6000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:15:52 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(0x0, 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:15:52 executing program 6:
clone3(0x0, 0x0)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:15:52 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf00, 0x0, 0x0, &(0x7f0000000180))

[  745.355238] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6357 comm=syz-executor.1
08:15:52 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x7000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  745.439532] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6359 comm=syz-executor.0
08:16:10 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:16:10 executing program 6:
clone3(0x0, 0x0)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:16:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(0x0, 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:16:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:16:10 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:10 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 21)

08:16:10 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x1100, 0x0, 0x0, &(0x7f0000000180))

08:16:10 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:10 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x9000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  763.598463] FAULT_INJECTION: forcing a failure.
[  763.598463] name failslab, interval 1, probability 0, space 0, times 0
[  763.601047] CPU: 1 PID: 6393 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  763.602608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  763.604600] Call Trace:
[  763.605213]  dump_stack+0x107/0x167
[  763.606026]  should_fail.cold+0x5/0xa
[  763.606879]  ? create_object.isra.0+0x3a/0xa20
[  763.607905]  should_failslab+0x5/0x20
[  763.608755]  kmem_cache_alloc+0x5b/0x310
[  763.609670]  ? kernfs_add_one+0x124/0x4d0
[  763.610596]  create_object.isra.0+0x3a/0xa20
[  763.611573]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  763.612712]  kmem_cache_alloc+0x159/0x310
[  763.613655]  __kernfs_new_node+0xd4/0x860
[  763.614579]  ? kernfs_put+0x31/0x50
[  763.615391]  ? internal_create_group+0x629/0xb30
[  763.616465]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  763.617576]  ? sysfs_remove_group+0x170/0x170
[  763.618573]  ? kernfs_create_dir_ns+0x10b/0x160
[  763.619619]  ? map_id_range_down+0x1c4/0x340
[  763.620605]  ? projid_m_show+0x220/0x220
[  763.621536]  kernfs_new_node+0x18d/0x250
[  763.622452]  kernfs_create_dir_ns+0x49/0x160
[  763.623437]  internal_create_group+0x793/0xb30
[  763.624469]  ? kobject_create_and_add+0xb0/0xb0
[  763.625528]  ? sysfs_remove_group+0x170/0x170
[  763.626600]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  763.627794]  netif_set_real_num_tx_queues+0x1ba/0x790
[  763.629057]  tun_attach.isra.0+0x610/0x1760
[  763.630109]  __tun_chr_ioctl+0x173c/0x3f40
[  763.631110]  ? __mutex_unlock_slowpath+0xe1/0x600
[  763.632242]  ? tun_chr_poll+0x700/0x700
[  763.633233]  ? wait_for_completion_io+0x270/0x270
[  763.634399]  ? selinux_file_ioctl+0xb6/0x270
[  763.635482]  ? tun_chr_compat_ioctl+0x30/0x30
[  763.636551]  __x64_sys_ioctl+0x19a/0x210
[  763.637531]  do_syscall_64+0x33/0x40
[  763.638416]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  763.639623] RIP: 0033:0x7f6888bfdb19
[  763.640512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  763.644909] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  763.646724] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  763.648426] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  763.650138] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  763.651830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  763.653545] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:16:10 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2c00, 0x0, 0x0, &(0x7f0000000180))

08:16:10 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:10 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  763.693830] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6417 comm=syz-executor.0
[  763.711147] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6407 comm=syz-executor.1
08:16:11 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:11 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:26 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4000, 0x0, 0x0, &(0x7f0000000180))

08:16:26 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 22)

08:16:26 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:16:26 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:16:26 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x10000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:26 executing program 6:
clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:16:26 executing program 1:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x74, 0x0, 0x0, &(0x7f0000000180))

08:16:26 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:26 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4800, 0x0, 0x0, &(0x7f0000000180))

[  779.545187] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6453 comm=syz-executor.0
[  779.564910] FAULT_INJECTION: forcing a failure.
[  779.564910] name failslab, interval 1, probability 0, space 0, times 0
[  779.567563] CPU: 1 PID: 6459 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  779.568926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  779.570618] Call Trace:
[  779.571151]  dump_stack+0x107/0x167
[  779.571882]  should_fail.cold+0x5/0xa
[  779.572655]  ? __kernfs_new_node+0xd4/0x860
[  779.573522]  should_failslab+0x5/0x20
[  779.574313]  kmem_cache_alloc+0x5b/0x310
[  779.575129]  __kernfs_new_node+0xd4/0x860
[  779.575944]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  779.576875]  ? kernfs_add_one+0x36e/0x4d0
[  779.577725]  ? mutex_lock_io_nested+0xf30/0xf30
[  779.578652]  ? __mutex_unlock_slowpath+0xe1/0x600
[  779.579577]  kernfs_new_node+0x18d/0x250
[  779.580388]  __kernfs_create_file+0x51/0x350
[  779.581292]  sysfs_add_file_mode_ns+0x221/0x560
[  779.582215]  internal_create_group+0x324/0xb30
[  779.583127]  ? sysfs_remove_group+0x170/0x170
[  779.584010]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  779.585039]  netif_set_real_num_tx_queues+0x1ba/0x790
[  779.586067]  tun_attach.isra.0+0x610/0x1760
[  779.586916]  __tun_chr_ioctl+0x173c/0x3f40
[  779.587732]  ? __mutex_unlock_slowpath+0xe1/0x600
[  779.588661]  ? tun_chr_poll+0x700/0x700
[  779.589437]  ? wait_for_completion_io+0x270/0x270
[  779.590385]  ? selinux_file_ioctl+0xb6/0x270
[  779.591227]  ? tun_chr_compat_ioctl+0x30/0x30
[  779.592091]  __x64_sys_ioctl+0x19a/0x210
[  779.592890]  do_syscall_64+0x33/0x40
[  779.593623]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  779.594626] RIP: 0033:0x7f6888bfdb19
[  779.595340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  779.598908] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  779.600370] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  779.601842] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  779.603236] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  779.604630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  779.605997] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:16:26 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x20000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:26 executing program 1:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x74, 0x0, 0x0, &(0x7f0000000180))

[  779.644226] 9pnet: Insufficient options for proto=fd
08:16:26 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:26 executing program 4:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:16:26 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4c00, 0x0, 0x0, &(0x7f0000000180))

08:16:26 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(0x0, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6800, 0x0, 0x0, &(0x7f0000000180))

08:16:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  779.801273] 9pnet: Insufficient options for proto=fd
[  779.809080] 9pnet: Insufficient options for proto=fd
[  779.828620] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6494 comm=syz-executor.0
08:16:42 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 23)

08:16:42 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x83040000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:42 executing program 6:
clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:16:42 executing program 1:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x74, 0x0, 0x0, &(0x7f0000000180))

08:16:42 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6c00, 0x0, 0x0, &(0x7f0000000180))

08:16:42 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:16:42 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(0x0, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:42 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  795.698763] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6518 comm=syz-executor.0
08:16:42 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7400, 0x0, 0x0, &(0x7f0000000180))

08:16:42 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 1)

08:16:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, 0x0, 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  795.750303] FAULT_INJECTION: forcing a failure.
[  795.750303] name failslab, interval 1, probability 0, space 0, times 0
[  795.752766] CPU: 1 PID: 6525 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  795.754218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  795.755960] Call Trace:
[  795.756525]  dump_stack+0x107/0x167
[  795.757293]  should_fail.cold+0x5/0xa
[  795.758105]  ? create_object.isra.0+0x3a/0xa20
[  795.759082]  should_failslab+0x5/0x20
[  795.759874]  kmem_cache_alloc+0x5b/0x310
[  795.760728]  create_object.isra.0+0x3a/0xa20
[  795.761662]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  795.762724]  kmem_cache_alloc+0x159/0x310
[  795.763599]  __kernfs_new_node+0xd4/0x860
[  795.764476]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  795.765462]  ? kernfs_add_one+0x36e/0x4d0
[  795.766349]  ? mutex_lock_io_nested+0xf30/0xf30
[  795.767326]  ? __mutex_unlock_slowpath+0xe1/0x600
[  795.768349]  kernfs_new_node+0x18d/0x250
[  795.769211]  __kernfs_create_file+0x51/0x350
[  795.770148]  sysfs_add_file_mode_ns+0x221/0x560
[  795.771150]  internal_create_group+0x324/0xb30
[  795.772121]  ? sysfs_remove_group+0x170/0x170
[  795.773080]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  795.774195]  netif_set_real_num_tx_queues+0x1ba/0x790
[  795.775296]  tun_attach.isra.0+0x610/0x1760
[  795.776243]  __tun_chr_ioctl+0x173c/0x3f40
[  795.777143]  ? __mutex_unlock_slowpath+0xe1/0x600
[  795.778183]  ? tun_chr_poll+0x700/0x700
[  795.779021]  ? wait_for_completion_io+0x270/0x270
[  795.780051]  ? selinux_file_ioctl+0xb6/0x270
[  795.780984]  ? tun_chr_compat_ioctl+0x30/0x30
[  795.781942]  __x64_sys_ioctl+0x19a/0x210
[  795.782810]  do_syscall_64+0x33/0x40
[  795.783604]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  795.784689] RIP: 0033:0x7f6888bfdb19
[  795.785480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  795.789375] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  795.790995] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  795.792497] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  795.794008] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  795.795539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  795.797054] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:16:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(0x0, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  795.833548] FAULT_INJECTION: forcing a failure.
[  795.833548] name failslab, interval 1, probability 0, space 0, times 0
[  795.836091] CPU: 1 PID: 6541 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  795.837544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  795.839309] Call Trace:
[  795.839879]  dump_stack+0x107/0x167
[  795.840651]  should_fail.cold+0x5/0xa
[  795.841465]  should_failslab+0x5/0x20
[  795.842265]  __kmalloc_track_caller+0x79/0x370
[  795.843221]  ? strndup_user+0x74/0xe0
[  795.844028]  memdup_user+0x22/0xd0
[  795.844774]  strndup_user+0x74/0xe0
[  795.845550]  __x64_sys_mount+0x133/0x300
[  795.846396]  ? copy_mnt_ns+0xa00/0xa00
[  795.847220]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  795.848313]  ? syscall_enter_from_user_mode+0x1d/0x50
[  795.849414]  do_syscall_64+0x33/0x40
[  795.850196]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  795.851298] RIP: 0033:0x7fd019574b19
[  795.852077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  795.855970] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  795.857582] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  795.859088] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  795.860599] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  795.862125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.863657] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:16:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7a00, 0x0, 0x0, &(0x7f0000000180))

08:16:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  795.881255] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6535 comm=syz-executor.0
08:16:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x8004, 0x0, 0x0, &(0x7f0000000180))

08:16:56 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, 0x0, 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:16:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:56 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:16:56 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 2)

08:16:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf002, 0x0, 0x0, &(0x7f0000000180))

08:16:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 24)

08:16:56 executing program 6:
clone3(&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:16:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x20000, 0x0, 0x0, &(0x7f0000000180))

[  809.361786] FAULT_INJECTION: forcing a failure.
[  809.361786] name failslab, interval 1, probability 0, space 0, times 0
[  809.364256] CPU: 1 PID: 6582 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  809.365732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  809.367538] Call Trace:
[  809.368116]  dump_stack+0x107/0x167
[  809.368900]  should_fail.cold+0x5/0xa
[  809.369741]  ? create_object.isra.0+0x3a/0xa20
[  809.370423] FAULT_INJECTION: forcing a failure.
[  809.370423] name failslab, interval 1, probability 0, space 0, times 0
[  809.370739]  should_failslab+0x5/0x20
[  809.374541]  kmem_cache_alloc+0x5b/0x310
[  809.375600]  create_object.isra.0+0x3a/0xa20
[  809.376730]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  809.378060]  __kmalloc_track_caller+0x177/0x370
[  809.379256]  ? strndup_user+0x74/0xe0
[  809.380244]  memdup_user+0x22/0xd0
[  809.381161]  strndup_user+0x74/0xe0
[  809.382121]  __x64_sys_mount+0x133/0x300
[  809.383165]  ? copy_mnt_ns+0xa00/0xa00
[  809.384178]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  809.385545]  ? syscall_enter_from_user_mode+0x1d/0x50
[  809.386879]  do_syscall_64+0x33/0x40
[  809.387842]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  809.389161] RIP: 0033:0x7fd019574b19
[  809.390134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  809.394883] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  809.396849] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  809.398697] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  809.400532] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  809.402381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  809.404217] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  809.406098] CPU: 0 PID: 6572 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  809.407581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  809.409359] Call Trace:
[  809.409943]  dump_stack+0x107/0x167
[  809.410724]  should_fail.cold+0x5/0xa
[  809.411545]  ? __kernfs_new_node+0xd4/0x860
[  809.412474]  should_failslab+0x5/0x20
[  809.413286]  kmem_cache_alloc+0x5b/0x310
[  809.414181]  __kernfs_new_node+0xd4/0x860
[  809.415073]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  809.416086]  ? kernfs_add_one+0x36e/0x4d0
[  809.416975]  ? __mutex_unlock_slowpath+0xe1/0x600
[  809.418023]  ? wait_for_completion_io+0x270/0x270
[  809.419059]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  809.420183]  kernfs_new_node+0x18d/0x250
[  809.421061]  __kernfs_create_file+0x51/0x350
[  809.422024]  sysfs_add_file_mode_ns+0x221/0x560
[  809.423028]  internal_create_group+0x324/0xb30
[  809.424012]  ? sysfs_remove_group+0x170/0x170
[  809.424991]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  809.426123]  netif_set_real_num_tx_queues+0x1ba/0x790
[  809.427236]  tun_attach.isra.0+0x610/0x1760
[  809.428186]  __tun_chr_ioctl+0x173c/0x3f40
[  809.429099]  ? __mutex_unlock_slowpath+0xe1/0x600
[  809.430146]  ? tun_chr_poll+0x700/0x700
[  809.430997]  ? wait_for_completion_io+0x270/0x270
[  809.432045]  ? selinux_file_ioctl+0xb6/0x270
[  809.432992]  ? tun_chr_compat_ioctl+0x30/0x30
[  809.433966]  __x64_sys_ioctl+0x19a/0x210
[  809.434843]  do_syscall_64+0x33/0x40
[  809.435644]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  809.436749] RIP: 0033:0x7f6888bfdb19
08:16:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xffffe000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  809.437560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  809.441685] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  809.443315] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  809.444840] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  809.446383] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  809.447908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  809.449602] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  809.483556] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6579 comm=syz-executor.0
08:16:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xffffff8c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:16:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x1000000, 0x0, 0x0, &(0x7f0000000180))

08:16:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, 0x0, 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  809.649203] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6611 comm=syz-executor.0
08:17:10 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 25)

08:17:10 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xfffffff6, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:10 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:17:10 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  823.714644] FAULT_INJECTION: forcing a failure.
[  823.714644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.717225] CPU: 0 PID: 6641 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  823.718653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
08:17:10 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000180))

08:17:10 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2000000, 0x0, 0x0, &(0x7f0000000180))

08:17:10 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 3)

08:17:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(0x0, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  823.720401] Call Trace:
[  823.721149]  dump_stack+0x107/0x167
[  823.721930]  should_fail.cold+0x5/0xa
[  823.722736]  _copy_from_user+0x2e/0x1b0
[  823.723574]  memdup_user+0x65/0xd0
[  823.724316]  strndup_user+0x74/0xe0
[  823.725085]  __x64_sys_mount+0x133/0x300
[  823.725946]  ? copy_mnt_ns+0xa00/0xa00
[  823.726780]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  823.727885]  ? syscall_enter_from_user_mode+0x1d/0x50
[  823.728969]  do_syscall_64+0x33/0x40
[  823.729767]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  823.730837] RIP: 0033:0x7fd019574b19
[  823.731612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  823.735499] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  823.737102] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  823.738581] FAULT_INJECTION: forcing a failure.
[  823.738581] name failslab, interval 1, probability 0, space 0, times 0
[  823.738608] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  823.738628] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  823.743884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  823.745380] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:17:11 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x3000000, 0x0, 0x0, &(0x7f0000000180))

08:17:11 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000180))

[  823.746909] CPU: 1 PID: 6631 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  823.748607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  823.750334] Call Trace:
[  823.750887]  dump_stack+0x107/0x167
[  823.751632]  should_fail.cold+0x5/0xa
[  823.752428]  ? create_object.isra.0+0x3a/0xa20
[  823.753374]  should_failslab+0x5/0x20
[  823.754160]  kmem_cache_alloc+0x5b/0x310
[  823.755026]  create_object.isra.0+0x3a/0xa20
[  823.755953]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  823.757015]  kmem_cache_alloc+0x159/0x310
[  823.757876]  __kernfs_new_node+0xd4/0x860
[  823.758733]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  823.759718]  ? kernfs_add_one+0x36e/0x4d0
[  823.760581]  ? __mutex_unlock_slowpath+0xe1/0x600
[  823.760819] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6638 comm=syz-executor.0
[  823.761573]  ? wait_for_completion_io+0x270/0x270
[  823.761597]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  823.761632]  kernfs_new_node+0x18d/0x250
[  823.761656]  __kernfs_create_file+0x51/0x350
[  823.761678]  sysfs_add_file_mode_ns+0x221/0x560
[  823.761706]  internal_create_group+0x324/0xb30
[  823.769925]  ? sysfs_remove_group+0x170/0x170
[  823.770861]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  823.771967]  netif_set_real_num_tx_queues+0x1ba/0x790
[  823.773043]  tun_attach.isra.0+0x610/0x1760
[  823.773986]  __tun_chr_ioctl+0x173c/0x3f40
[  823.774854]  ? __mutex_unlock_slowpath+0xe1/0x600
[  823.775871]  ? tun_chr_poll+0x700/0x700
[  823.776705]  ? wait_for_completion_io+0x270/0x270
[  823.777746]  ? selinux_file_ioctl+0xb6/0x270
[  823.778673]  ? tun_chr_compat_ioctl+0x30/0x30
[  823.779628]  __x64_sys_ioctl+0x19a/0x210
[  823.780506]  do_syscall_64+0x33/0x40
[  823.781299]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  823.782394] RIP: 0033:0x7f6888bfdb19
[  823.783186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  823.787129] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  823.788739] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  823.790275] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  823.791787] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  823.793245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  823.794762] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:17:11 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000180))

08:17:11 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4000000, 0x0, 0x0, &(0x7f0000000180))

08:17:11 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xedc000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(0x0, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:17:11 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, 0x0)

08:17:11 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 4)

[  824.016833] cgroup: fork rejected by pids controller in /syz6
[  824.025648] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6670 comm=syz-executor.0
[  824.034910] FAULT_INJECTION: forcing a failure.
[  824.034910] name failslab, interval 1, probability 0, space 0, times 0
[  824.037386] CPU: 0 PID: 6682 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  824.038848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  824.040605] Call Trace:
[  824.041167]  dump_stack+0x107/0x167
[  824.041948]  should_fail.cold+0x5/0xa
[  824.042758]  ? copy_mount_options+0x55/0x180
[  824.043695]  should_failslab+0x5/0x20
[  824.044503]  kmem_cache_alloc_trace+0x55/0x320
[  824.045475]  ? _copy_from_user+0xfb/0x1b0
[  824.046369]  copy_mount_options+0x55/0x180
[  824.047274]  __x64_sys_mount+0x1a8/0x300
[  824.048131]  ? copy_mnt_ns+0xa00/0xa00
[  824.048966]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  824.050083]  ? syscall_enter_from_user_mode+0x1d/0x50
[  824.051184]  do_syscall_64+0x33/0x40
[  824.051978]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  824.053069] RIP: 0033:0x7fd019574b19
[  824.053865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  824.057760] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  824.059371] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  824.060887] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  824.062409] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  824.063923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.065432] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:17:11 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 26)

08:17:11 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:11 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:17:11 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x5000000, 0x0, 0x0, &(0x7f0000000180))

08:17:11 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:11 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, 0x0)

08:17:11 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 5)

[  824.208699] FAULT_INJECTION: forcing a failure.
[  824.208699] name failslab, interval 1, probability 0, space 0, times 0
[  824.211537] CPU: 1 PID: 6705 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  824.213162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  824.215133] Call Trace:
[  824.215765]  dump_stack+0x107/0x167
[  824.216632]  should_fail.cold+0x5/0xa
[  824.217540]  ? create_object.isra.0+0x3a/0xa20
[  824.218641]  should_failslab+0x5/0x20
[  824.219543]  kmem_cache_alloc+0x5b/0x310
[  824.220523]  create_object.isra.0+0x3a/0xa20
[  824.221561]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  824.222777]  kmem_cache_alloc_trace+0x151/0x320
[  824.223885]  ? _copy_from_user+0xfb/0x1b0
[  824.224878]  copy_mount_options+0x55/0x180
[  824.225887]  __x64_sys_mount+0x1a8/0x300
[  824.226853]  ? copy_mnt_ns+0xa00/0xa00
[  824.227783]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  824.229021]  ? syscall_enter_from_user_mode+0x1d/0x50
[  824.230253]  do_syscall_64+0x33/0x40
[  824.231133]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  824.232354] RIP: 0033:0x7fd019574b19
[  824.233227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  824.237633] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  824.239437] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  824.241133] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  824.242843] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  824.244562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.246264] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  824.272527] FAULT_INJECTION: forcing a failure.
[  824.272527] name failslab, interval 1, probability 0, space 0, times 0
[  824.275572] CPU: 0 PID: 6710 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  824.277353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  824.279550] Call Trace:
[  824.280225]  dump_stack+0x107/0x167
[  824.281153]  should_fail.cold+0x5/0xa
[  824.282150]  ? __kernfs_new_node+0xd4/0x860
[  824.283063]  should_failslab+0x5/0x20
[  824.283857]  kmem_cache_alloc+0x5b/0x310
[  824.284715]  __kernfs_new_node+0xd4/0x860
[  824.285588]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  824.286583]  ? kernfs_add_one+0x36e/0x4d0
[  824.287452]  ? __mutex_unlock_slowpath+0xe1/0x600
[  824.288468]  ? wait_for_completion_io+0x270/0x270
[  824.289486]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  824.290605]  kernfs_new_node+0x18d/0x250
[  824.291459]  __kernfs_create_file+0x51/0x350
[  824.292384]  sysfs_add_file_mode_ns+0x221/0x560
[  824.293377]  internal_create_group+0x324/0xb30
[  824.294353]  ? sysfs_remove_group+0x170/0x170
[  824.295316]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  824.296414]  netif_set_real_num_tx_queues+0x1ba/0x790
[  824.297504]  tun_attach.isra.0+0x610/0x1760
[  824.298439]  __tun_chr_ioctl+0x173c/0x3f40
[  824.299331]  ? __mutex_unlock_slowpath+0xe1/0x600
[  824.300341]  ? tun_chr_poll+0x700/0x700
[  824.301177]  ? wait_for_completion_io+0x270/0x270
[  824.302210]  ? selinux_file_ioctl+0xb6/0x270
[  824.303140]  ? tun_chr_compat_ioctl+0x30/0x30
[  824.304088]  __x64_sys_ioctl+0x19a/0x210
[  824.304943]  do_syscall_64+0x33/0x40
[  824.305739]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  824.306822] RIP: 0033:0x7f6888bfdb19
[  824.307604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  824.311494] RSP: 002b:00007f6886152188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  824.313111] RAX: ffffffffffffffda RBX: 00007f6888d11020 RCX: 00007f6888bfdb19
[  824.314631] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  824.316128] RBP: 00007f68861521d0 R08: 0000000000000000 R09: 0000000000000000
[  824.317650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  824.319154] R13: 00007ffde665f87f R14: 00007f6886152300 R15: 0000000000022000
[  840.697525] FAULT_INJECTION: forcing a failure.
[  840.697525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  840.700213] CPU: 1 PID: 6726 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  840.701667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  840.703427] Call Trace:
[  840.703988]  dump_stack+0x107/0x167
[  840.704752]  should_fail.cold+0x5/0xa
[  840.705561]  _copy_from_user+0x2e/0x1b0
08:17:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 27)

08:17:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(0x0, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:17:27 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:27 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xe0ffff00000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  840.706421]  copy_mount_options+0x76/0x180
08:17:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6000000, 0x0, 0x0, &(0x7f0000000180))

08:17:27 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, 0x0)

08:17:27 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:17:27 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 6)

[  840.707650]  __x64_sys_mount+0x1a8/0x300
[  840.708629]  ? copy_mnt_ns+0xa00/0xa00
[  840.709445]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  840.710548]  ? syscall_enter_from_user_mode+0x1d/0x50
[  840.711625]  do_syscall_64+0x33/0x40
[  840.712402]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  840.713461] RIP: 0033:0x7fd019574b19
[  840.714253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  840.718064] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  840.719645] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  840.721125] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  840.722606] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  840.724087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  840.725564] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:17:28 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7000000, 0x0, 0x0, &(0x7f0000000180))

08:17:28 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x100000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  840.745315] 9pnet: Insufficient options for proto=fd
[  840.769075] FAULT_INJECTION: forcing a failure.
[  840.769075] name failslab, interval 1, probability 0, space 0, times 0
[  840.772029] CPU: 0 PID: 6738 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  840.773706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  840.775754] Call Trace:
[  840.776429]  dump_stack+0x107/0x167
[  840.777203]  should_fail.cold+0x5/0xa
[  840.778030]  ? create_object.isra.0+0x3a/0xa20
[  840.778997]  should_failslab+0x5/0x20
[  840.779803]  kmem_cache_alloc+0x5b/0x310
[  840.780671]  create_object.isra.0+0x3a/0xa20
[  840.781597]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  840.782693]  kmem_cache_alloc+0x159/0x310
[  840.783582]  __kernfs_new_node+0xd4/0x860
[  840.784470]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  840.785473]  ? kernfs_add_one+0x36e/0x4d0
[  840.786370]  ? __mutex_unlock_slowpath+0xe1/0x600
[  840.787393]  ? wait_for_completion_io+0x270/0x270
[  840.788421]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  840.789533]  kernfs_new_node+0x18d/0x250
[  840.790417]  __kernfs_create_file+0x51/0x350
[  840.791358]  sysfs_add_file_mode_ns+0x221/0x560
[  840.792351]  internal_create_group+0x324/0xb30
[  840.793329]  ? sysfs_remove_group+0x170/0x170
[  840.794307]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  840.795416]  netif_set_real_num_tx_queues+0x1ba/0x790
[  840.796527]  tun_attach.isra.0+0x610/0x1760
[  840.797466]  __tun_chr_ioctl+0x173c/0x3f40
[  840.798377]  ? __mutex_unlock_slowpath+0xe1/0x600
[  840.799402]  ? tun_chr_poll+0x700/0x700
[  840.800248]  ? wait_for_completion_io+0x270/0x270
[  840.801290]  ? selinux_file_ioctl+0xb6/0x270
[  840.802239]  ? tun_chr_compat_ioctl+0x30/0x30
[  840.803189]  __x64_sys_ioctl+0x19a/0x210
[  840.804054]  do_syscall_64+0x33/0x40
[  840.804846]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  840.805942] RIP: 0033:0x7f6888bfdb19
[  840.806730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  840.810634] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  840.812261] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  840.813786] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  840.815351] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  840.816883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  840.818412] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  840.830449] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6720 comm=syz-executor.0
08:17:28 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  840.893345] 9pnet: Insufficient options for proto=fd
08:17:28 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x200000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:43 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:17:43 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 28)

08:17:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 7)

08:17:43 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180)) (fail_nth: 1)

08:17:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xa000000, 0x0, 0x0, &(0x7f0000000180))

08:17:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:17:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x300000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  856.407347] FAULT_INJECTION: forcing a failure.
[  856.407347] name failslab, interval 1, probability 0, space 0, times 0
[  856.408447] FAULT_INJECTION: forcing a failure.
[  856.408447] name failslab, interval 1, probability 0, space 0, times 0
[  856.409834] CPU: 1 PID: 6770 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  856.413672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  856.415470] Call Trace:
[  856.416045]  dump_stack+0x107/0x167
[  856.416820]  should_fail.cold+0x5/0xa
[  856.417637]  ? getname_flags.part.0+0x50/0x4f0
[  856.418624]  should_failslab+0x5/0x20
[  856.419426]  kmem_cache_alloc+0x5b/0x310
[  856.420276]  getname_flags.part.0+0x50/0x4f0
[  856.421201]  ? _copy_from_user+0xfb/0x1b0
[  856.422088]  user_path_at_empty+0xa1/0x100
[  856.423112]  __x64_sys_mount+0x1e9/0x300
[  856.423964]  ? copy_mnt_ns+0xa00/0xa00
[  856.424832]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  856.425958]  ? syscall_enter_from_user_mode+0x1d/0x50
[  856.427058]  do_syscall_64+0x33/0x40
[  856.427842]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  856.428966] RIP: 0033:0x7fd019574b19
[  856.429788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  856.433727] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  856.435344] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  856.436849] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  856.438357] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  856.439855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  856.441357] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  856.442898] CPU: 0 PID: 6780 Comm: syz-executor.6 Not tainted 5.10.235 #1
[  856.444438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  856.446271] Call Trace:
[  856.446873]  dump_stack+0x107/0x167
[  856.447674]  should_fail.cold+0x5/0xa
[  856.448519]  ? sock_alloc_inode+0x18/0x1c0
[  856.449448]  should_failslab+0x5/0x20
[  856.450295]  kmem_cache_alloc+0x5b/0x310
[  856.451044]  ? selinux_ipv6_output+0x180/0x180
[  856.451864]  ? sock_free_inode+0x20/0x20
[  856.452597]  sock_alloc_inode+0x18/0x1c0
[  856.453324]  ? sock_free_inode+0x20/0x20
[  856.454061]  alloc_inode+0x63/0x240
[  856.454714]  new_inode_pseudo+0x14/0xe0
[  856.455425]  sock_alloc+0x3c/0x270
[  856.456068]  __sock_create+0xbd/0x7f0
[  856.456757]  __sys_socketpair+0x1c5/0x580
[  856.457507]  ? __ia32_sys_socket+0xb0/0xb0
[  856.458285]  ? fput_many+0x2f/0x1a0
[  856.458942]  ? ksys_write+0x1a9/0x260
[  856.459627]  ? __ia32_sys_read+0xb0/0xb0
[  856.460360]  __x64_sys_socketpair+0x93/0x100
[  856.461156]  ? syscall_enter_from_user_mode+0x1d/0x50
[  856.462091]  do_syscall_64+0x33/0x40
[  856.462765]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  856.463685] RIP: 0033:0x7f1df6767b19
[  856.464351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  856.467630] RSP: 002b:00007f1df3cdd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  856.468986] RAX: ffffffffffffffda RBX: 00007f1df687af60 RCX: 00007f1df6767b19
[  856.470259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  856.471524] RBP: 00007f1df3cdd1d0 R08: 0000000000000000 R09: 0000000000000000
[  856.472793] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  856.474068] R13: 00007ffcd6a32d4f R14: 00007f1df3cdd300 R15: 0000000000022000
[  856.476292] socket: no more sockets
[  856.478686] 9pnet: Insufficient options for proto=fd
[  856.482355] FAULT_INJECTION: forcing a failure.
[  856.482355] name failslab, interval 1, probability 0, space 0, times 0
[  856.484812] CPU: 1 PID: 6785 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  856.486270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  856.488055] Call Trace:
08:17:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x400000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  856.488619]  dump_stack+0x107/0x167
[  856.489547]  should_fail.cold+0x5/0xa
[  856.490363]  ? __kernfs_new_node+0xd4/0x860
[  856.491270]  should_failslab+0x5/0x20
[  856.492071]  kmem_cache_alloc+0x5b/0x310
[  856.492932]  __kernfs_new_node+0xd4/0x860
[  856.493799]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  856.494796]  ? __mutex_unlock_slowpath+0xe1/0x600
[  856.495805]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  856.496929]  ? wait_for_completion_io+0x270/0x270
[  856.497939]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  856.499059]  kernfs_new_node+0x18d/0x250
[  856.499907]  __kernfs_create_file+0x51/0x350
[  856.500838]  sysfs_add_file_mode_ns+0x221/0x560
[  856.501833]  internal_create_group+0x324/0xb30
[  856.502810]  ? sysfs_remove_group+0x170/0x170
[  856.503766]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  856.504858]  netif_set_real_num_tx_queues+0x1ba/0x790
[  856.505953]  tun_attach.isra.0+0x610/0x1760
[  856.506885]  __tun_chr_ioctl+0x173c/0x3f40
[  856.507789]  ? __mutex_unlock_slowpath+0xe1/0x600
[  856.508793]  ? tun_chr_poll+0x700/0x700
[  856.509632]  ? wait_for_completion_io+0x270/0x270
[  856.510655]  ? selinux_file_ioctl+0xb6/0x270
[  856.511586]  ? tun_chr_compat_ioctl+0x30/0x30
[  856.512535]  __x64_sys_ioctl+0x19a/0x210
[  856.513395]  do_syscall_64+0x33/0x40
[  856.514194]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  856.515277] RIP: 0033:0x7f6888bfdb19
[  856.516059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  856.519934] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  856.521531] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  856.523043] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  856.524540] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  856.526063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  856.527572] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  856.537104] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6786 comm=syz-executor.0
08:17:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x500000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf000000, 0x0, 0x0, &(0x7f0000000180))

08:17:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 8)

08:17:43 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:17:43 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:17:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  856.638253] FAULT_INJECTION: forcing a failure.
[  856.638253] name failslab, interval 1, probability 0, space 0, times 0
[  856.640127] CPU: 0 PID: 6804 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  856.641243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  856.642574] Call Trace:
[  856.643004]  dump_stack+0x107/0x167
[  856.643607]  should_fail.cold+0x5/0xa
[  856.644233]  ? create_object.isra.0+0x3a/0xa20
[  856.644978]  should_failslab+0x5/0x20
[  856.645594]  kmem_cache_alloc+0x5b/0x310
[  856.646270]  create_object.isra.0+0x3a/0xa20
[  856.646996]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  856.647833]  kmem_cache_alloc+0x159/0x310
[  856.648523]  getname_flags.part.0+0x50/0x4f0
[  856.649252]  ? _copy_from_user+0xfb/0x1b0
[  856.649936]  user_path_at_empty+0xa1/0x100
[  856.650640]  __x64_sys_mount+0x1e9/0x300
[  856.651303]  ? copy_mnt_ns+0xa00/0xa00
[  856.651951]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  856.652801]  ? syscall_enter_from_user_mode+0x1d/0x50
[  856.653644]  do_syscall_64+0x33/0x40
[  856.654266]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  856.655101] RIP: 0033:0x7fd019574b19
[  856.655706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  856.658722] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  856.659960] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  856.661117] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  856.662282] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  856.663442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  856.664618] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:17:43 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x10000000, 0x0, 0x0, &(0x7f0000000180))

[  856.672250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6813 comm=syz-executor.0
08:18:00 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 9)

08:18:00 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x600000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  873.015671] FAULT_INJECTION: forcing a failure.
[  873.015671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  873.018314] CPU: 0 PID: 6834 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  873.019753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  873.021479] Call Trace:
[  873.022032]  dump_stack+0x107/0x167
[  873.022822]  should_fail.cold+0x5/0xa
[  873.023627]  strncpy_from_user+0x34/0x470
[  873.024503]  getname_flags.part.0+0x95/0x4f0
[  873.025416]  ? _copy_from_user+0xfb/0x1b0
[  873.026312]  user_path_at_empty+0xa1/0x100
[  873.027212]  __x64_sys_mount+0x1e9/0x300
[  873.028075]  ? copy_mnt_ns+0xa00/0xa00
[  873.028914]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  873.030035]  ? syscall_enter_from_user_mode+0x1d/0x50
[  873.031157]  do_syscall_64+0x33/0x40
[  873.031956]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  873.033045] RIP: 0033:0x7fd019574b19
[  873.033838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  873.037782] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  873.039412] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  873.040925] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  873.042460] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  873.043974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  873.045492] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  873.058092] FAULT_INJECTION: forcing a failure.
[  873.058092] name failslab, interval 1, probability 0, space 0, times 0
[  873.060647] CPU: 0 PID: 6848 Comm: syz-executor.6 Not tainted 5.10.235 #1
[  873.062103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  873.063877] Call Trace:
[  873.064440]  dump_stack+0x107/0x167
[  873.065222]  should_fail.cold+0x5/0xa
[  873.066036]  ? create_object.isra.0+0x3a/0xa20
[  873.067023]  should_failslab+0x5/0x20
[  873.067832]  kmem_cache_alloc+0x5b/0x310
[  873.068702]  create_object.isra.0+0x3a/0xa20
[  873.069185] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6840 comm=syz-executor.0
[  873.069635]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  873.069659]  kmem_cache_alloc+0x159/0x310
[  873.069688]  ? selinux_ipv6_output+0x180/0x180
[  873.075723]  ? sock_free_inode+0x20/0x20
[  873.076584]  sock_alloc_inode+0x18/0x1c0
[  873.077449]  ? sock_free_inode+0x20/0x20
[  873.078329]  alloc_inode+0x63/0x240
[  873.079102]  new_inode_pseudo+0x14/0xe0
[  873.079950]  sock_alloc+0x3c/0x270
[  873.080712]  __sock_create+0xbd/0x7f0
[  873.081535]  __sys_socketpair+0x1c5/0x580
[  873.082443]  ? __ia32_sys_socket+0xb0/0xb0
[  873.083342]  ? fput_many+0x2f/0x1a0
[  873.084119]  ? ksys_write+0x1a9/0x260
[  873.084929]  ? __ia32_sys_read+0xb0/0xb0
[  873.085802]  __x64_sys_socketpair+0x93/0x100
[  873.086756]  ? syscall_enter_from_user_mode+0x1d/0x50
[  873.087854]  do_syscall_64+0x33/0x40
[  873.087888] FAULT_INJECTION: forcing a failure.
[  873.087888] name failslab, interval 1, probability 0, space 0, times 0
[  873.088650]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  873.088663] RIP: 0033:0x7f1df6767b19
[  873.088681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  873.088691] RSP: 002b:00007f1df3cdd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  873.088722] RAX: ffffffffffffffda RBX: 00007f1df687af60 RCX: 00007f1df6767b19
[  873.102016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  873.104124] RBP: 00007f1df3cdd1d0 R08: 0000000000000000 R09: 0000000000000000
[  873.106072] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  873.108147] R13: 00007ffcd6a32d4f R14: 00007f1df3cdd300 R15: 0000000000022000
[  873.110218] CPU: 1 PID: 6844 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  873.111852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  873.113634] Call Trace:
[  873.114221]  dump_stack+0x107/0x167
[  873.115005]  should_fail.cold+0x5/0xa
[  873.115809]  ? create_object.isra.0+0x3a/0xa20
[  873.116777]  should_failslab+0x5/0x20
[  873.117579]  kmem_cache_alloc+0x5b/0x310
[  873.118451]  create_object.isra.0+0x3a/0xa20
[  873.119378]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  873.120453]  kmem_cache_alloc+0x159/0x310
[  873.121330]  __kernfs_new_node+0xd4/0x860
[  873.122232]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  873.123226]  ? kernfs_add_one+0x36e/0x4d0
[  873.124102]  ? __mutex_unlock_slowpath+0xe1/0x600
[  873.125120]  ? wait_for_completion_io+0x270/0x270
[  873.126140]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  873.127259]  kernfs_new_node+0x18d/0x250
[  873.128165]  __kernfs_create_file+0x51/0x350
[  873.129088]  sysfs_add_file_mode_ns+0x221/0x560
[  873.130064]  internal_create_group+0x324/0xb30
[  873.131035]  ? sysfs_remove_group+0x170/0x170
[  873.132199]  netdev_queue_update_kobjects+0x2ed/0x3e0
08:18:00 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:18:00 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x11000000, 0x0, 0x0, &(0x7f0000000180))

08:18:00 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180)) (fail_nth: 2)

08:18:00 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:18:00 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 29)

08:18:00 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:00 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2c000000, 0x0, 0x0, &(0x7f0000000180))

[  873.133297]  netif_set_real_num_tx_queues+0x1ba/0x790
[  873.134682]  tun_attach.isra.0+0x610/0x1760
[  873.135604]  __tun_chr_ioctl+0x173c/0x3f40
[  873.136497]  ? __mutex_unlock_slowpath+0xe1/0x600
[  873.137496]  ? tun_chr_poll+0x700/0x700
[  873.138346]  ? wait_for_completion_io+0x270/0x270
[  873.139369]  ? selinux_file_ioctl+0xb6/0x270
[  873.140288]  ? tun_chr_compat_ioctl+0x30/0x30
[  873.141227]  __x64_sys_ioctl+0x19a/0x210
[  873.142088]  do_syscall_64+0x33/0x40
[  873.142896]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  873.143969] RIP: 0033:0x7f6888bfdb19
[  873.144753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  873.148654] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  873.150252] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  873.151744] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  873.153238] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  873.154741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  873.156241] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:18:17 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 30)

08:18:17 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180)) (fail_nth: 3)

[  890.320430] FAULT_INJECTION: forcing a failure.
[  890.320430] name failslab, interval 1, probability 0, space 0, times 0
[  890.323432] CPU: 1 PID: 6871 Comm: syz-executor.6 Not tainted 5.10.235 #1
[  890.325198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.327349] Call Trace:
[  890.328032]  dump_stack+0x107/0x167
[  890.328971]  should_fail.cold+0x5/0xa
[  890.329960]  ? security_inode_alloc+0x34/0x160
[  890.331152]  should_failslab+0x5/0x20
[  890.332140]  kmem_cache_alloc+0x5b/0x310
[  890.333201]  security_inode_alloc+0x34/0x160
[  890.334467]  inode_init_always+0xa4e/0xd10
[  890.335648]  alloc_inode+0x84/0x240
[  890.336587]  new_inode_pseudo+0x14/0xe0
[  890.337613]  sock_alloc+0x3c/0x270
[  890.338541]  __sock_create+0xbd/0x7f0
[  890.339528]  __sys_socketpair+0x1c5/0x580
[  890.340593]  ? __ia32_sys_socket+0xb0/0xb0
[  890.341677]  ? fput_many+0x2f/0x1a0
[  890.342623]  ? ksys_write+0x1a9/0x260
[  890.343600]  ? __ia32_sys_read+0xb0/0xb0
[  890.344650]  __x64_sys_socketpair+0x93/0x100
[  890.345783]  ? syscall_enter_from_user_mode+0x1d/0x50
[  890.347115]  do_syscall_64+0x33/0x40
[  890.348079]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  890.349399] RIP: 0033:0x7f1df6767b19
[  890.350354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.355119] RSP: 002b:00007f1df3cdd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  890.357074] RAX: ffffffffffffffda RBX: 00007f1df687af60 RCX: 00007f1df6767b19
[  890.358920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  890.360750] RBP: 00007f1df3cdd1d0 R08: 0000000000000000 R09: 0000000000000000
[  890.362591] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  890.364427] R13: 00007ffcd6a32d4f R14: 00007f1df3cdd300 R15: 0000000000022000
[  890.367504] socket: no more sockets
[  890.370737] FAULT_INJECTION: forcing a failure.
[  890.370737] name failslab, interval 1, probability 0, space 0, times 0
[  890.373234] CPU: 0 PID: 6870 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  890.374749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.376566] Call Trace:
[  890.377147]  dump_stack+0x107/0x167
[  890.377950]  should_fail.cold+0x5/0xa
[  890.378789]  ? __kernfs_new_node+0xd4/0x860
[  890.379741]  should_failslab+0x5/0x20
[  890.380574]  kmem_cache_alloc+0x5b/0x310
[  890.381476]  __kernfs_new_node+0xd4/0x860
[  890.382402]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  890.383432]  ? kernfs_add_one+0x36e/0x4d0
[  890.384351]  ? __mutex_unlock_slowpath+0xe1/0x600
[  890.385406]  ? wait_for_completion_io+0x270/0x270
[  890.386479]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  890.387620]  kernfs_new_node+0x18d/0x250
[  890.388515]  __kernfs_create_file+0x51/0x350
[  890.389483]  sysfs_add_file_mode_ns+0x221/0x560
[  890.390527]  internal_create_group+0x324/0xb30
[  890.391525]  ? sysfs_remove_group+0x170/0x170
[  890.392702]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  890.393858]  netif_set_real_num_tx_queues+0x1ba/0x790
[  890.395012]  tun_attach.isra.0+0x610/0x1760
[  890.395981]  __tun_chr_ioctl+0x173c/0x3f40
[  890.396901]  ? __mutex_unlock_slowpath+0xe1/0x600
[  890.397967]  ? tun_chr_poll+0x700/0x700
[  890.398849]  ? wait_for_completion_io+0x270/0x270
[  890.399914]  ? selinux_file_ioctl+0xb6/0x270
[  890.400877]  ? tun_chr_compat_ioctl+0x30/0x30
[  890.401859]  __x64_sys_ioctl+0x19a/0x210
[  890.402757]  do_syscall_64+0x33/0x40
[  890.403592]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  890.404713] RIP: 0033:0x7f6888bfdb19
[  890.405523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.409560] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  890.411264] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  890.412828] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  890.414412] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  890.415989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  890.417540] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:18:17 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:17 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:18:17 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x40000000, 0x0, 0x0, &(0x7f0000000180))

08:18:17 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x700000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:17 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 10)

08:18:17 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:18:17 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x800000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:17 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x48000000, 0x0, 0x0, &(0x7f0000000180))

08:18:17 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  890.436492] FAULT_INJECTION: forcing a failure.
[  890.436492] name failslab, interval 1, probability 0, space 0, times 0
[  890.439412] CPU: 1 PID: 6889 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  890.441164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.443298] Call Trace:
[  890.443971]  dump_stack+0x107/0x167
[  890.444906]  should_fail.cold+0x5/0xa
[  890.445885]  ? alloc_fs_context+0x57/0x840
[  890.446975]  should_failslab+0x5/0x20
[  890.447954]  kmem_cache_alloc_trace+0x55/0x320
[  890.449129]  alloc_fs_context+0x57/0x840
[  890.450179]  path_mount+0xaa3/0x2120
[  890.451153]  ? strncpy_from_user+0x9e/0x470
[  890.452254]  ? finish_automount+0xa90/0xa90
[  890.453361]  ? getname_flags.part.0+0x1dd/0x4f0
[  890.454564]  ? _copy_from_user+0xfb/0x1b0
[  890.455635]  __x64_sys_mount+0x282/0x300
[  890.456670]  ? copy_mnt_ns+0xa00/0xa00
[  890.457679]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  890.459033]  ? syscall_enter_from_user_mode+0x1d/0x50
[  890.460361]  do_syscall_64+0x33/0x40
[  890.461314]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  890.462636] RIP: 0033:0x7fd019574b19
[  890.463582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.468287] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  890.470236] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  890.472060] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  890.473868] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  890.475702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  890.477516] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:18:17 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4c000000, 0x0, 0x0, &(0x7f0000000180))

08:18:17 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180)) (fail_nth: 4)

08:18:17 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 31)

08:18:17 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x900000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:17 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

[  890.598493] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=6886 comm=syz-executor.0
08:18:17 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  890.627569] FAULT_INJECTION: forcing a failure.
[  890.627569] name failslab, interval 1, probability 0, space 0, times 0
[  890.630080] CPU: 1 PID: 6905 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  890.631557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.633325] Call Trace:
[  890.633548] FAULT_INJECTION: forcing a failure.
[  890.633548] name failslab, interval 1, probability 0, space 0, times 0
[  890.633888]  dump_stack+0x107/0x167
[  890.633916]  should_fail.cold+0x5/0xa
[  890.637828]  ? create_object.isra.0+0x3a/0xa20
[  890.638817]  should_failslab+0x5/0x20
[  890.639626]  kmem_cache_alloc+0x5b/0x310
[  890.640494]  create_object.isra.0+0x3a/0xa20
[  890.641431]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  890.642523]  kmem_cache_alloc+0x159/0x310
[  890.643421]  __kernfs_new_node+0xd4/0x860
[  890.644312]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  890.645319]  ? kernfs_add_one+0x36e/0x4d0
[  890.646205]  ? __mutex_unlock_slowpath+0xe1/0x600
[  890.647240]  ? wait_for_completion_io+0x270/0x270
[  890.648274]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  890.649396]  kernfs_new_node+0x18d/0x250
[  890.650264]  __kernfs_create_file+0x51/0x350
[  890.651212]  sysfs_add_file_mode_ns+0x221/0x560
[  890.652210]  internal_create_group+0x324/0xb30
[  890.653188]  ? sysfs_remove_group+0x170/0x170
[  890.654165]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  890.655281]  netif_set_real_num_tx_queues+0x1ba/0x790
[  890.656386]  tun_attach.isra.0+0x610/0x1760
[  890.657328]  __tun_chr_ioctl+0x173c/0x3f40
[  890.658233]  ? tun_chr_poll+0x700/0x700
[  890.659097]  ? __schedule+0x82c/0x1ea0
[  890.659935]  ? selinux_file_ioctl+0xb6/0x270
[  890.660878]  ? tun_chr_compat_ioctl+0x30/0x30
[  890.661837]  __x64_sys_ioctl+0x19a/0x210
[  890.662710]  do_syscall_64+0x33/0x40
[  890.663507]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  890.664602] RIP: 0033:0x7f6888bfdb19
[  890.665392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.669322] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  890.670982] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  890.672512] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  890.674038] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  890.675566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  890.677090] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  890.678656] CPU: 0 PID: 6907 Comm: syz-executor.6 Not tainted 5.10.235 #1
[  890.680120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  890.681872] Call Trace:
[  890.682444]  dump_stack+0x107/0x167
[  890.683258]  should_fail.cold+0x5/0xa
[  890.684155]  ? create_object.isra.0+0x3a/0xa20
[  890.685127]  should_failslab+0x5/0x20
[  890.685927]  kmem_cache_alloc+0x5b/0x310
[  890.686813]  create_object.isra.0+0x3a/0xa20
[  890.687737]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  890.688813]  kmem_cache_alloc+0x159/0x310
[  890.689702]  security_inode_alloc+0x34/0x160
[  890.690645]  inode_init_always+0xa4e/0xd10
[  890.691538]  alloc_inode+0x84/0x240
[  890.692304]  new_inode_pseudo+0x14/0xe0
[  890.693148]  sock_alloc+0x3c/0x270
[  890.693896]  __sock_create+0xbd/0x7f0
[  890.694723]  __sys_socketpair+0x1c5/0x580
[  890.695607]  ? __ia32_sys_socket+0xb0/0xb0
[  890.696493]  ? fput_many+0x2f/0x1a0
[  890.697267]  ? ksys_write+0x1a9/0x260
[  890.698071]  ? __ia32_sys_read+0xb0/0xb0
[  890.698954]  __x64_sys_socketpair+0x93/0x100
[  890.699883]  ? syscall_enter_from_user_mode+0x1d/0x50
[  890.700969]  do_syscall_64+0x33/0x40
[  890.701753]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  890.702842] RIP: 0033:0x7f1df6767b19
[  890.703625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.707522] RSP: 002b:00007f1df3cdd188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  890.709124] RAX: ffffffffffffffda RBX: 00007f1df687af60 RCX: 00007f1df6767b19
[  890.710643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  890.712149] RBP: 00007f1df3cdd1d0 R08: 0000000000000000 R09: 0000000000000000
[  890.713657] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  890.715176] R13: 00007ffcd6a32d4f R14: 00007f1df3cdd300 R15: 0000000000022000
08:18:35 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180)) (fail_nth: 5)

08:18:35 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 32)

08:18:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:18:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa00000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x68000000, 0x0, 0x0, &(0x7f0000000180))

08:18:35 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 11)

08:18:35 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

08:18:35 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:18:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6c000000, 0x0, 0x0, &(0x7f0000000180))

08:18:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb00000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  908.105585] FAULT_INJECTION: forcing a failure.
[  908.105585] name failslab, interval 1, probability 0, space 0, times 0
[  908.108028] CPU: 1 PID: 6953 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  908.109500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.111271] Call Trace:
[  908.111836]  dump_stack+0x107/0x167
[  908.112607]  should_fail.cold+0x5/0xa
[  908.113423]  ? create_object.isra.0+0x3a/0xa20
[  908.114405]  should_failslab+0x5/0x20
[  908.115226]  kmem_cache_alloc+0x5b/0x310
[  908.116096]  create_object.isra.0+0x3a/0xa20
[  908.117028]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  908.118116]  kmem_cache_alloc_trace+0x151/0x320
[  908.119149]  alloc_fs_context+0x57/0x840
[  908.120048]  path_mount+0xaa3/0x2120
[  908.120854]  ? strncpy_from_user+0x9e/0x470
[  908.121777]  ? finish_automount+0xa90/0xa90
[  908.122702]  ? getname_flags.part.0+0x1dd/0x4f0
[  908.123685]  ? _copy_from_user+0xfb/0x1b0
[  908.124569]  __x64_sys_mount+0x282/0x300
[  908.125426]  ? copy_mnt_ns+0xa00/0xa00
[  908.126254]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  908.127378]  ? syscall_enter_from_user_mode+0x1d/0x50
[  908.128469]  do_syscall_64+0x33/0x40
[  908.129265]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  908.130354] RIP: 0033:0x7fd019574b19
[  908.131153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  908.135057] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  908.136670] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  908.138180] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  908.139730] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  908.141250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  908.142772] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:18:35 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

08:18:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x74000000, 0x0, 0x0, &(0x7f0000000180))

[  908.245507] FAULT_INJECTION: forcing a failure.
[  908.245507] name failslab, interval 1, probability 0, space 0, times 0
[  908.248101] CPU: 1 PID: 6959 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  908.249578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  908.251364] Call Trace:
[  908.251934]  dump_stack+0x107/0x167
[  908.252710]  should_fail.cold+0x5/0xa
[  908.253528]  ? kobject_uevent_env+0x22b/0xfd0
[  908.254495]  should_failslab+0x5/0x20
[  908.255322]  kmem_cache_alloc_trace+0x55/0x320
[  908.256302]  kobject_uevent_env+0x22b/0xfd0
[  908.257239]  netdev_queue_update_kobjects+0x315/0x3e0
[  908.258348]  netif_set_real_num_tx_queues+0x1ba/0x790
[  908.259460]  tun_attach.isra.0+0x610/0x1760
[  908.260400]  __tun_chr_ioctl+0x173c/0x3f40
[  908.261296]  ? __mutex_unlock_slowpath+0xe1/0x600
[  908.262323]  ? tun_chr_poll+0x700/0x700
[  908.263176]  ? wait_for_completion_io+0x270/0x270
[  908.264234]  ? selinux_file_ioctl+0xb6/0x270
[  908.265174]  ? tun_chr_compat_ioctl+0x30/0x30
[  908.266140]  __x64_sys_ioctl+0x19a/0x210
[  908.267010]  do_syscall_64+0x33/0x40
[  908.267812]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  908.268910] RIP: 0033:0x7f6888bfdb19
[  908.269704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  908.273647] RSP: 002b:00007f6886152188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  908.275296] RAX: ffffffffffffffda RBX: 00007f6888d11020 RCX: 00007f6888bfdb19
[  908.276824] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  908.278350] RBP: 00007f68861521d0 R08: 0000000000000000 R09: 0000000000000000
[  908.279895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  908.281430] R13: 00007ffde665f87f R14: 00007f6886152300 R15: 0000000000022000
08:18:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x1000000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:35 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x0, 0x0, &(0x7f0000000180))

08:18:35 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7a000000, 0x0, 0x0, &(0x7f0000000180))

08:18:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2000000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  908.438885] 9pnet: Insufficient options for proto=fd
[  908.522883] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7092 comm=syz-executor.0
08:18:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:18:51 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 33)

08:18:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x5, 0x0, 0x0, &(0x7f0000000180))

08:18:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 12)

08:18:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x80040000, 0x0, 0x0, &(0x7f0000000180))

08:18:51 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:18:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2010000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  924.408204] FAULT_INJECTION: forcing a failure.
[  924.408204] name failslab, interval 1, probability 0, space 0, times 0
[  924.410534] CPU: 0 PID: 7110 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  924.411945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  924.413652] Call Trace:
[  924.414198]  dump_stack+0x107/0x167
[  924.414952]  should_fail.cold+0x5/0xa
[  924.415734]  ? legacy_init_fs_context+0x44/0xe0
[  924.416690]  should_failslab+0x5/0x20
[  924.417472]  kmem_cache_alloc_trace+0x55/0x320
[  924.418405]  ? lockdep_init_map_type+0x2c7/0x780
[  924.419387]  legacy_init_fs_context+0x44/0xe0
[  924.420299]  ? generic_parse_monolithic+0x1f0/0x1f0
[  924.421320]  alloc_fs_context+0x4fd/0x840
[  924.422167]  path_mount+0xaa3/0x2120
[  924.422945]  ? strncpy_from_user+0x9e/0x470
[  924.423826]  ? finish_automount+0xa90/0xa90
[  924.424709]  ? getname_flags.part.0+0x1dd/0x4f0
[  924.425662]  ? _copy_from_user+0xfb/0x1b0
[  924.426517]  __x64_sys_mount+0x282/0x300
[  924.427352]  ? copy_mnt_ns+0xa00/0xa00
[  924.428178]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  924.429276]  ? syscall_enter_from_user_mode+0x1d/0x50
[  924.430342]  do_syscall_64+0x33/0x40
[  924.431128]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  924.432201] RIP: 0033:0x7fd019574b19
[  924.432982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  924.436756] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  924.438333] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  924.439225] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7114 comm=syz-executor.0
[  924.439817] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  924.439834] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  924.444364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  924.445816] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  924.459712] 9pnet: Insufficient options for proto=fd
08:18:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8304000000000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  924.497392] FAULT_INJECTION: forcing a failure.
[  924.497392] name failslab, interval 1, probability 0, space 0, times 0
[  924.499809] CPU: 0 PID: 7121 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  924.501254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  924.503009] Call Trace:
[  924.503575]  dump_stack+0x107/0x167
08:18:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  924.504348]  should_fail.cold+0x5/0xa
[  924.505443]  ? create_object.isra.0+0x3a/0xa20
[  924.506486]  should_failslab+0x5/0x20
[  924.507310]  kmem_cache_alloc+0x5b/0x310
[  924.508162]  create_object.isra.0+0x3a/0xa20
[  924.509074]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  924.510141]  kmem_cache_alloc+0x159/0x310
[  924.511246]  __kernfs_new_node+0xd4/0x860
[  924.512138]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  924.513117]  ? kernfs_add_one+0x36e/0x4d0
[  924.513989]  ? __mutex_unlock_slowpath+0xe1/0x600
[  924.515260]  ? wait_for_completion_io+0x270/0x270
[  924.516262]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[  924.517602]  kernfs_new_node+0x18d/0x250
[  924.518550]  __kernfs_create_file+0x51/0x350
[  924.519510]  sysfs_add_file_mode_ns+0x221/0x560
[  924.520493]  internal_create_group+0x324/0xb30
[  924.521443]  ? sysfs_remove_group+0x170/0x170
[  924.522385]  netdev_queue_update_kobjects+0x2ed/0x3e0
[  924.523471]  netif_set_real_num_tx_queues+0x1ba/0x790
[  924.524541]  tun_attach.isra.0+0x610/0x1760
[  924.525667]  __tun_chr_ioctl+0x173c/0x3f40
[  924.526611]  ? __mutex_unlock_slowpath+0xe1/0x600
[  924.527854]  ? tun_chr_poll+0x700/0x700
[  924.528692]  ? wait_for_completion_io+0x270/0x270
[  924.529700]  ? selinux_file_ioctl+0xb6/0x270
[  924.530613]  ? tun_chr_compat_ioctl+0x30/0x30
[  924.531792]  __x64_sys_ioctl+0x19a/0x210
[  924.532642]  do_syscall_64+0x33/0x40
[  924.533418]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  924.534472] RIP: 0033:0x7f6888bfdb19
[  924.535259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  924.539035] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  924.540601] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  924.542071] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  924.543540] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  924.545009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  924.546493] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:18:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:51 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:18:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x8cffffff, 0x0, 0x0, &(0x7f0000000180))

[  924.582758] 9pnet: Insufficient options for proto=fd
08:18:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8cffffff00000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:18:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xa, 0x0, 0x0, &(0x7f0000000180))

[  924.599724] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7137 comm=syz-executor.0
08:18:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 13)

08:18:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf0020000, 0x0, 0x0, &(0x7f0000000180))

08:18:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  924.685719] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7160 comm=syz-executor.0
[  924.700422] FAULT_INJECTION: forcing a failure.
[  924.700422] name failslab, interval 1, probability 0, space 0, times 0
[  924.703444] CPU: 0 PID: 7162 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  924.705195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  924.707324] Call Trace:
[  924.707999]  dump_stack+0x107/0x167
[  924.708932]  should_fail.cold+0x5/0xa
[  924.709907]  ? create_object.isra.0+0x3a/0xa20
[  924.710909]  should_failslab+0x5/0x20
[  924.711705]  kmem_cache_alloc+0x5b/0x310
[  924.712555]  create_object.isra.0+0x3a/0xa20
[  924.713467]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  924.714525]  kmem_cache_alloc_trace+0x151/0x320
[  924.715495]  ? lockdep_init_map_type+0x2c7/0x780
[  924.716477]  legacy_init_fs_context+0x44/0xe0
[  924.717405]  ? generic_parse_monolithic+0x1f0/0x1f0
[  924.718437]  alloc_fs_context+0x4fd/0x840
[  924.719324]  path_mount+0xaa3/0x2120
[  924.720103]  ? strncpy_from_user+0x9e/0x470
[  924.720991]  ? finish_automount+0xa90/0xa90
[  924.721889]  ? getname_flags.part.0+0x1dd/0x4f0
[  924.722868]  ? _copy_from_user+0xfb/0x1b0
[  924.723730]  __x64_sys_mount+0x282/0x300
[  924.724574]  ? copy_mnt_ns+0xa00/0xa00
[  924.725381]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  924.726463]  ? syscall_enter_from_user_mode+0x1d/0x50
[  924.727775]  do_syscall_64+0x33/0x40
[  924.728544]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  924.729603] RIP: 0033:0x7fd019574b19
[  924.730543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  924.734432] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  924.736011] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  924.737496] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  924.738977] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  924.740441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  924.741926] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:19:06 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 14)

08:19:06 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:06 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  939.642274] FAULT_INJECTION: forcing a failure.
[  939.642274] name failslab, interval 1, probability 0, space 0, times 0
[  939.644824] CPU: 0 PID: 7180 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  939.646262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  939.648026] Call Trace:
[  939.648581]  dump_stack+0x107/0x167
[  939.649345]  should_fail.cold+0x5/0xa
[  939.650141]  ? v9fs_mount+0x5a/0x8f0
[  939.650933]  should_failslab+0x5/0x20
[  939.651735]  kmem_cache_alloc_trace+0x55/0x320
[  939.652697]  ? v9fs_write_inode+0x60/0x60
[  939.653568]  v9fs_mount+0x5a/0x8f0
[  939.654313]  ? v9fs_write_inode+0x60/0x60
[  939.655196]  legacy_get_tree+0x105/0x220
[  939.656055]  vfs_get_tree+0x8e/0x300
[  939.656831]  path_mount+0x1429/0x2120
[  939.657639]  ? strncpy_from_user+0x9e/0x470
[  939.658544]  ? finish_automount+0xa90/0xa90
[  939.659464]  ? getname_flags.part.0+0x1dd/0x4f0
[  939.660436]  ? _copy_from_user+0xfb/0x1b0
[  939.661314]  __x64_sys_mount+0x282/0x300
[  939.662159]  ? copy_mnt_ns+0xa00/0xa00
[  939.663005]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  939.664120]  ? syscall_enter_from_user_mode+0x1d/0x50
[  939.665202]  do_syscall_64+0x33/0x40
[  939.665981]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  939.667064] RIP: 0033:0x7fd019574b19
[  939.667846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  939.671726] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  939.673327] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  939.674828] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  939.676339] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  939.677839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  939.679345] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:19:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:19:06 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xfeffffff, 0x0, 0x0, &(0x7f0000000180))

08:19:06 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 34)

08:19:06 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf, 0x0, 0x0, &(0x7f0000000180))

[  939.695584] 9pnet: Insufficient options for proto=fd
[  939.718643] FAULT_INJECTION: forcing a failure.
[  939.718643] name failslab, interval 1, probability 0, space 0, times 0
[  939.721104] CPU: 1 PID: 7188 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  939.722569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  939.724333] Call Trace:
[  939.724897]  dump_stack+0x107/0x167
[  939.725670]  should_fail.cold+0x5/0xa
[  939.726483]  ? kobject_get_path+0xc5/0x1f0
[  939.726953] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7193 comm=syz-executor.0
[  939.727394]  should_failslab+0x5/0x20
[  939.727421]  __kmalloc+0x72/0x390
[  939.731502]  ? trace_hardirqs_on+0x5b/0x180
[  939.732423]  kobject_get_path+0xc5/0x1f0
[  939.733293]  kobject_uevent_env+0x251/0xfd0
[  939.734217]  netdev_queue_update_kobjects+0x315/0x3e0
[  939.735334]  netif_set_real_num_tx_queues+0x1ba/0x790
[  939.736443]  tun_attach.isra.0+0x610/0x1760
[  939.737374]  __tun_chr_ioctl+0x173c/0x3f40
[  939.738279]  ? __mutex_unlock_slowpath+0xe1/0x600
[  939.739297]  ? tun_chr_poll+0x700/0x700
[  939.740140]  ? wait_for_completion_io+0x270/0x270
[  939.741175]  ? selinux_file_ioctl+0xb6/0x270
[  939.742110]  ? tun_chr_compat_ioctl+0x30/0x30
[  939.743076]  __x64_sys_ioctl+0x19a/0x210
[  939.743941]  do_syscall_64+0x33/0x40
[  939.744739]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  939.745825] RIP: 0033:0x7f6888bfdb19
08:19:07 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:07 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  939.746611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  939.750764] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  939.752390] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  939.753896] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  939.755404] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  939.756912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  939.758440] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:19:07 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xffffff8c, 0x0, 0x0, &(0x7f0000000180))

[  939.787649] 9pnet: Insufficient options for proto=fd
[  939.801573] 9pnet: Insufficient options for proto=fd
[  939.821195] 9pnet: Insufficient options for proto=fd
08:19:07 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:07 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 15)

08:19:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:19:07 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x3, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:07 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x10, 0x0, 0x0, &(0x7f0000000180))

[  939.927183] FAULT_INJECTION: forcing a failure.
[  939.927183] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  939.927702] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7217 comm=syz-executor.0
[  939.929730] CPU: 0 PID: 7220 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  939.929746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  939.929751] Call Trace:
[  939.929776]  dump_stack+0x107/0x167
[  939.929795]  should_fail.cold+0x5/0xa
[  939.929819]  __alloc_pages_nodemask+0x182/0x600
[  939.929845]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[  939.936310] 9pnet: Insufficient options for proto=fd
[  939.936804]  ? kmem_cache_alloc_trace+0x305/0x320
[  939.941813]  alloc_pages_current+0x187/0x280
[  939.942732]  allocate_slab+0x26f/0x380
[  939.943552]  ___slab_alloc+0x470/0x700
[  939.944359]  ? v9fs_mount+0x5a/0x8f0
[  939.945136]  ? cred_has_capability.isra.0+0x152/0x2b0
[  939.946220]  ? v9fs_mount+0x5a/0x8f0
[  939.947001]  ? kmem_cache_alloc_trace+0x305/0x320
[  939.948004]  kmem_cache_alloc_trace+0x305/0x320
[  939.948977]  ? v9fs_write_inode+0x60/0x60
[  939.949834]  v9fs_mount+0x5a/0x8f0
[  939.950576]  ? v9fs_write_inode+0x60/0x60
[  939.951456]  legacy_get_tree+0x105/0x220
[  939.952309]  vfs_get_tree+0x8e/0x300
[  939.953085]  path_mount+0x1429/0x2120
[  939.953877]  ? strncpy_from_user+0x9e/0x470
[  939.954778]  ? finish_automount+0xa90/0xa90
[  939.955687]  ? getname_flags.part.0+0x1dd/0x4f0
[  939.956656]  ? _copy_from_user+0xfb/0x1b0
[  939.957528]  __x64_sys_mount+0x282/0x300
[  939.958371]  ? copy_mnt_ns+0xa00/0xa00
[  939.959194]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  939.960281]  ? syscall_enter_from_user_mode+0x1d/0x50
[  939.961353]  do_syscall_64+0x33/0x40
[  939.962129]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  939.963201] RIP: 0033:0x7fd019574b19
[  939.963970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  939.967805] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  939.969393] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  939.970894] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  939.972381] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  939.973863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  939.975355] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:19:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 35)

[  940.026293] 9pnet: Insufficient options for proto=fd
[  940.034589] 9pnet: Insufficient options for proto=fd
[  940.043323] FAULT_INJECTION: forcing a failure.
[  940.043323] name failslab, interval 1, probability 0, space 0, times 0
[  940.045706] CPU: 0 PID: 7230 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  940.047153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  940.048871] Call Trace:
[  940.049426]  dump_stack+0x107/0x167
[  940.050178]  should_fail.cold+0x5/0xa
[  940.050978]  ? create_object.isra.0+0x3a/0xa20
[  940.051936]  should_failslab+0x5/0x20
[  940.052733]  kmem_cache_alloc+0x5b/0x310
[  940.053584]  ? kmem_cache_alloc_trace+0x151/0x320
[  940.054588]  create_object.isra.0+0x3a/0xa20
[  940.055514]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  940.056581]  __kmalloc+0x16e/0x390
[  940.057331]  kobject_get_path+0xc5/0x1f0
[  940.058187]  kobject_uevent_env+0x251/0xfd0
[  940.059107]  netdev_queue_update_kobjects+0x315/0x3e0
[  940.060197]  netif_set_real_num_tx_queues+0x1ba/0x790
[  940.061289]  tun_attach.isra.0+0x610/0x1760
[  940.062214]  __tun_chr_ioctl+0x173c/0x3f40
[  940.063113]  ? __mutex_unlock_slowpath+0xe1/0x600
[  940.064112]  ? tun_chr_poll+0x700/0x700
[  940.064949]  ? wait_for_completion_io+0x270/0x270
[  940.065977]  ? selinux_file_ioctl+0xb6/0x270
[  940.066900]  ? tun_chr_compat_ioctl+0x30/0x30
[  940.067842]  __x64_sys_ioctl+0x19a/0x210
[  940.068685]  do_syscall_64+0x33/0x40
[  940.069457]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  940.070521] RIP: 0033:0x7f6888bfdb19
[  940.071308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  940.075191] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  940.076797] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  940.078308] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  940.079812] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  940.081297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  940.082788] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:19:22 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 36)

08:19:22 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:19:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 16)

08:19:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:19:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:19:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xfffffffe, 0x0, 0x0, &(0x7f0000000180))

08:19:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x4, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x11, 0x0, 0x0, &(0x7f0000000180))

[  954.867492] FAULT_INJECTION: forcing a failure.
[  954.867492] name failslab, interval 1, probability 0, space 0, times 0
[  954.869890] CPU: 0 PID: 7247 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  954.871334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  954.873068] Call Trace:
[  954.873629]  dump_stack+0x107/0x167
[  954.874397]  should_fail.cold+0x5/0xa
[  954.875211]  ? v9fs_mount+0x5a/0x8f0
[  954.876002]  should_failslab+0x5/0x20
[  954.876794]  kmem_cache_alloc_trace+0x55/0x320
[  954.877750]  ? v9fs_write_inode+0x60/0x60
[  954.878611]  v9fs_mount+0x5a/0x8f0
[  954.879379]  ? v9fs_write_inode+0x60/0x60
[  954.880247]  legacy_get_tree+0x105/0x220
[  954.881095]  vfs_get_tree+0x8e/0x300
[  954.881872]  path_mount+0x1429/0x2120
[  954.882673]  ? strncpy_from_user+0x9e/0x470
[  954.883589]  ? finish_automount+0xa90/0xa90
[  954.884495]  ? getname_flags.part.0+0x1dd/0x4f0
[  954.885468]  ? _copy_from_user+0xfb/0x1b0
[  954.886339]  __x64_sys_mount+0x282/0x300
[  954.887202]  ? copy_mnt_ns+0xa00/0xa00
[  954.888018]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  954.889108]  ? syscall_enter_from_user_mode+0x1d/0x50
[  954.890205]  do_syscall_64+0x33/0x40
[  954.890715] 9pnet: Insufficient options for proto=fd
[  954.890991]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  954.891004] RIP: 0033:0x7fd019574b19
[  954.891020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  954.891039] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  954.900564] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  954.902233] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  954.903956] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  954.905505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  954.907005] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:19:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x1000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x5, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  954.941344] FAULT_INJECTION: forcing a failure.
[  954.941344] name failslab, interval 1, probability 0, space 0, times 0
[  954.944591] CPU: 1 PID: 7260 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  954.946298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  954.948232] Call Trace:
[  954.948784]  dump_stack+0x107/0x167
[  954.949538]  should_fail.cold+0x5/0xa
[  954.950335]  ? __alloc_skb+0x6d/0x5b0
[  954.951144]  should_failslab+0x5/0x20
[  954.951934]  kmem_cache_alloc_node+0x55/0x330
[  954.952870]  __alloc_skb+0x6d/0x5b0
[  954.953642]  alloc_uevent_skb+0x7b/0x210
[  954.954490]  kobject_uevent_env+0xce1/0xfd0
[  954.955412]  netdev_queue_update_kobjects+0x315/0x3e0
[  954.956498]  netif_set_real_num_tx_queues+0x1ba/0x790
[  954.957583]  tun_attach.isra.0+0x610/0x1760
[  954.958518]  __tun_chr_ioctl+0x173c/0x3f40
[  954.959415]  ? __mutex_unlock_slowpath+0xe1/0x600
[  954.960424]  ? tun_chr_poll+0x700/0x700
[  954.961245]  ? wait_for_completion_io+0x270/0x270
[  954.962259]  ? selinux_file_ioctl+0xb6/0x270
[  954.963194]  ? tun_chr_compat_ioctl+0x30/0x30
[  954.964129]  __x64_sys_ioctl+0x19a/0x210
[  954.964983]  do_syscall_64+0x33/0x40
[  954.965755]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  954.966833] RIP: 0033:0x7f6888bfdb19
08:19:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2000000000000, 0x0, 0x0, &(0x7f0000000180))

[  954.967608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  954.972518] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  954.974459] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  954.976281] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  954.978093] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  954.979914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  954.981732] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  955.030196] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7263 comm=syz-executor.0
08:19:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2c, 0x0, 0x0, &(0x7f0000000180))

08:19:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  955.096202] 9pnet: Insufficient options for proto=fd
[  955.102470] 9pnet: Insufficient options for proto=fd
08:19:36 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:19:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x100000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:36 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x2, 0x0, &(0x7f0000000180))

08:19:36 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

08:19:36 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 17)

08:19:36 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  969.399284] FAULT_INJECTION: forcing a failure.
[  969.399284] name failslab, interval 1, probability 0, space 0, times 0
[  969.400740] CPU: 0 PID: 7305 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  969.401558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.402583] Call Trace:
[  969.402914]  dump_stack+0x107/0x167
[  969.403378]  should_fail.cold+0x5/0xa
[  969.403837]  ? create_object.isra.0+0x3a/0xa20
[  969.404406]  should_failslab+0x5/0x20
[  969.404881]  kmem_cache_alloc+0x5b/0x310
[  969.405385]  ? cred_has_capability.isra.0+0x152/0x2b0
[  969.406028]  create_object.isra.0+0x3a/0xa20
[  969.406572]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  969.407182]  kmem_cache_alloc_trace+0x151/0x320
[  969.407765]  ? v9fs_write_inode+0x60/0x60
[  969.408276]  v9fs_mount+0x5a/0x8f0
[  969.408700]  ? v9fs_write_inode+0x60/0x60
[  969.409219]  legacy_get_tree+0x105/0x220
[  969.409729]  vfs_get_tree+0x8e/0x300
[  969.410192]  path_mount+0x1429/0x2120
[  969.410670]  ? strncpy_from_user+0x9e/0x470
[  969.411205]  ? finish_automount+0xa90/0xa90
[  969.411753]  ? getname_flags.part.0+0x1dd/0x4f0
[  969.412310]  ? _copy_from_user+0xfb/0x1b0
[  969.412831]  __x64_sys_mount+0x282/0x300
[  969.413332]  ? copy_mnt_ns+0xa00/0xa00
[  969.413807]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  969.414452]  ? syscall_enter_from_user_mode+0x1d/0x50
[  969.415088]  do_syscall_64+0x33/0x40
[  969.415553]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  969.416188] RIP: 0033:0x7fd019574b19
[  969.416628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.418902] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  969.419819] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  969.420697] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  969.421550] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  969.422401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  969.423262] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:19:36 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 37)

08:19:36 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x6, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  969.437762] FAULT_INJECTION: forcing a failure.
[  969.437762] name failslab, interval 1, probability 0, space 0, times 0
[  969.438235] 9pnet: Insufficient options for proto=fd
[  969.439209] CPU: 0 PID: 7317 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  969.441354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.442359] Call Trace:
[  969.442680]  dump_stack+0x107/0x167
[  969.443124]  should_fail.cold+0x5/0xa
[  969.443598]  ? kobject_get_path+0xc5/0x1f0
[  969.444115]  should_failslab+0x5/0x20
[  969.444575]  __kmalloc+0x72/0x390
[  969.444992]  ? trace_hardirqs_on+0x5b/0x180
[  969.445522]  kobject_get_path+0xc5/0x1f0
[  969.446015]  kobject_uevent_env+0x251/0xfd0
[  969.446548]  netdev_queue_update_kobjects+0x315/0x3e0
[  969.447185]  netif_set_real_num_tx_queues+0x1ba/0x790
[  969.447832]  tun_attach.isra.0+0x610/0x1760
[  969.448371]  __tun_chr_ioctl+0x173c/0x3f40
[  969.448888]  ? __mutex_unlock_slowpath+0xe1/0x600
[  969.449472]  ? tun_chr_poll+0x700/0x700
[  969.449960]  ? wait_for_completion_io+0x270/0x270
[  969.450549]  ? selinux_file_ioctl+0xb6/0x270
[  969.451091]  ? tun_chr_compat_ioctl+0x30/0x30
[  969.451650]  __x64_sys_ioctl+0x19a/0x210
[  969.452148]  do_syscall_64+0x33/0x40
[  969.452596]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  969.453215] RIP: 0033:0x7f6888bfdb19
[  969.453667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.455923] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  969.456849] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  969.457717] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  969.458579] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  969.459451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  969.460315] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:19:36 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x7, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:36 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 38)

08:19:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x200000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:36 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  969.529765] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7316 comm=syz-executor.0
[  969.539604] 9pnet: Insufficient options for proto=fd
08:19:36 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x3, 0x0, &(0x7f0000000180))

[  969.547164] 9pnet: Insufficient options for proto=fd
08:19:36 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x300000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:36 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[  969.598517] FAULT_INJECTION: forcing a failure.
[  969.598517] name failslab, interval 1, probability 0, space 0, times 0
[  969.601072] CPU: 1 PID: 7330 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  969.602536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.604320] Call Trace:
[  969.604884]  dump_stack+0x107/0x167
[  969.605662]  should_fail.cold+0x5/0xa
[  969.606483]  should_failslab+0x5/0x20
[  969.607310]  __kmalloc_node_track_caller+0x74/0x3b0
[  969.608370]  ? alloc_uevent_skb+0x7b/0x210
[  969.609288]  __alloc_skb+0xb1/0x5b0
[  969.610069]  alloc_uevent_skb+0x7b/0x210
[  969.610938]  kobject_uevent_env+0xce1/0xfd0
[  969.611881]  netdev_queue_update_kobjects+0x315/0x3e0
[  969.612991]  netif_set_real_num_tx_queues+0x1ba/0x790
[  969.614102]  tun_attach.isra.0+0x610/0x1760
[  969.615039]  __tun_chr_ioctl+0x173c/0x3f40
[  969.615962]  ? __mutex_unlock_slowpath+0xe1/0x600
[  969.616979]  ? tun_chr_poll+0x700/0x700
[  969.617820]  ? wait_for_completion_io+0x270/0x270
[  969.618858]  ? selinux_file_ioctl+0xb6/0x270
[  969.619809]  ? tun_chr_compat_ioctl+0x30/0x30
[  969.620768]  __x64_sys_ioctl+0x19a/0x210
[  969.621636]  do_syscall_64+0x33/0x40
[  969.622428]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  969.623523] RIP: 0033:0x7f6888bfdb19
08:19:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x400000000000000, 0x0, 0x0, &(0x7f0000000180))

[  969.624301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.628342] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  969.629927] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  969.631421] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  969.632908] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  969.634400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  969.635903] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:19:36 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:19:36 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x500000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:36 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 18)

[  969.713060] 9pnet: Insufficient options for proto=fd
08:19:37 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

[  969.724523] 9pnet: Insufficient options for proto=fd
08:19:37 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x600000000000000, 0x0, 0x0, &(0x7f0000000180))

[  969.761840] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7366 comm=syz-executor.0
[  969.776440] cgroup: fork rejected by pids controller in /syz5
[  969.790401] FAULT_INJECTION: forcing a failure.
[  969.790401] name failslab, interval 1, probability 0, space 0, times 0
[  969.792861] CPU: 1 PID: 7372 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  969.794296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  969.796036] Call Trace:
[  969.796590]  dump_stack+0x107/0x167
[  969.797354]  should_fail.cold+0x5/0xa
[  969.798153]  ? create_object.isra.0+0x3a/0xa20
[  969.799104]  should_failslab+0x5/0x20
[  969.799917]  kmem_cache_alloc+0x5b/0x310
[  969.800765]  create_object.isra.0+0x3a/0xa20
[  969.801673]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  969.802736]  __kmalloc_track_caller+0x177/0x370
[  969.803706]  ? v9fs_session_init+0xa7/0x1680
[  969.804623]  ? kernel_text_address+0xf2/0x120
[  969.805564]  kstrdup+0x36/0x70
[  969.806233]  v9fs_session_init+0xa7/0x1680
[  969.807124]  ? lock_release+0x680/0x680
[  969.807956]  ? find_held_lock+0x2c/0x110
[  969.808814]  ? kmem_cache_alloc_trace+0x151/0x320
[  969.809828]  ? v9fs_show_options+0x690/0x690
[  969.810756]  ? trace_hardirqs_on+0x5b/0x180
[  969.811669]  ? kasan_unpoison_shadow+0x33/0x50
[  969.812628]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  969.813691]  v9fs_mount+0x79/0x8f0
[  969.814434]  ? v9fs_write_inode+0x60/0x60
[  969.815315]  legacy_get_tree+0x105/0x220
[  969.816161]  vfs_get_tree+0x8e/0x300
[  969.816937]  path_mount+0x1429/0x2120
[  969.817739]  ? strncpy_from_user+0x9e/0x470
[  969.818636]  ? finish_automount+0xa90/0xa90
[  969.819542]  ? getname_flags.part.0+0x1dd/0x4f0
[  969.820505]  ? _copy_from_user+0xfb/0x1b0
[  969.821377]  __x64_sys_mount+0x282/0x300
[  969.822223]  ? copy_mnt_ns+0xa00/0xa00
[  969.823043]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  969.824143]  ? syscall_enter_from_user_mode+0x1d/0x50
[  969.825234]  do_syscall_64+0x33/0x40
[  969.826011]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  969.827083] RIP: 0033:0x7fd019574b19
[  969.827869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.831707] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  969.833292] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  969.834767] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  969.836257] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  969.837747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  969.839227] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  983.876570] FAULT_INJECTION: forcing a failure.
[  983.876570] name failslab, interval 1, probability 0, space 0, times 0
[  983.878947] CPU: 1 PID: 7389 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  983.880345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  983.882034] Call Trace:
[  983.882572]  dump_stack+0x107/0x167
[  983.883324]  should_fail.cold+0x5/0xa
[  983.884126]  ? create_object.isra.0+0x3a/0xa20
[  983.885073]  should_failslab+0x5/0x20
[  983.885853]  kmem_cache_alloc+0x5b/0x310
[  983.886696]  create_object.isra.0+0x3a/0xa20
[  983.887617]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  983.888691]  __kmalloc_track_caller+0x177/0x370
[  983.889663]  ? v9fs_session_init+0xe9/0x1680
[  983.890559]  ? kernel_text_address+0xf2/0x120
[  983.891497]  kstrdup+0x36/0x70
[  983.892165]  v9fs_session_init+0xe9/0x1680
[  983.893052]  ? lock_release+0x680/0x680
[  983.893868]  ? find_held_lock+0x2c/0x110
[  983.894725]  ? kmem_cache_alloc_trace+0x151/0x320
[  983.895739]  ? v9fs_show_options+0x690/0x690
[  983.896645]  ? trace_hardirqs_on+0x5b/0x180
[  983.897540]  ? kasan_unpoison_shadow+0x33/0x50
[  983.898500]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  983.899557]  v9fs_mount+0x79/0x8f0
[  983.900279]  ? v9fs_write_inode+0x60/0x60
[  983.901138]  legacy_get_tree+0x105/0x220
[  983.901969]  vfs_get_tree+0x8e/0x300
[  983.902737]  path_mount+0x1429/0x2120
[  983.903537]  ? strncpy_from_user+0x9e/0x470
[  983.904426]  ? finish_automount+0xa90/0xa90
[  983.905322]  ? getname_flags.part.0+0x1dd/0x4f0
[  983.906275]  ? _copy_from_user+0xfb/0x1b0
[  983.907143]  __x64_sys_mount+0x282/0x300
[  983.907977]  ? copy_mnt_ns+0xa00/0xa00
[  983.908794]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  983.909861]  ? syscall_enter_from_user_mode+0x1d/0x50
[  983.910937]  do_syscall_64+0x33/0x40
[  983.911718]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  983.912781] RIP: 0033:0x7fd019574b19
[  983.913541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  983.917360] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  983.918939] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  983.920441] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  983.921930] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  983.923400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  983.924878] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  983.962025] 9pnet: Insufficient options for proto=fd
[  983.969109] 9pnet: Insufficient options for proto=fd
[  983.978529] FAULT_INJECTION: forcing a failure.
[  983.978529] name failslab, interval 1, probability 0, space 0, times 0
[  983.981374] CPU: 1 PID: 7407 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  983.983151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  983.985318] Call Trace:
[  983.986013]  dump_stack+0x107/0x167
[  983.986968]  should_fail.cold+0x5/0xa
[  983.987983]  ? create_object.isra.0+0x3a/0xa20
[  983.989185]  should_failslab+0x5/0x20
[  983.990182]  kmem_cache_alloc+0x5b/0x310
[  983.991258]  create_object.isra.0+0x3a/0xa20
[  983.992415]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  983.993746]  __kmalloc_node_track_caller+0x1a6/0x3b0
[  983.995070]  ? alloc_uevent_skb+0x7b/0x210
[  983.996197]  __alloc_skb+0xb1/0x5b0
[  983.997156]  alloc_uevent_skb+0x7b/0x210
[  983.998222]  kobject_uevent_env+0xce1/0xfd0
[  983.999370]  netdev_queue_update_kobjects+0x315/0x3e0
08:19:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 19)

08:19:51 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 39)

08:19:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x9, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x700000000000000, 0x0, 0x0, &(0x7f0000000180))

08:19:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4, 0x0, &(0x7f0000000180))

08:19:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

08:19:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:19:51 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0xfffffffffffffffc, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[  984.000761]  netif_set_real_num_tx_queues+0x1ba/0x790
[  984.002340]  tun_attach.isra.0+0x610/0x1760
[  984.003520]  __tun_chr_ioctl+0x173c/0x3f40
[  984.004640]  ? __mutex_unlock_slowpath+0xe1/0x600
[  984.005894]  ? tun_chr_poll+0x700/0x700
[  984.006933]  ? wait_for_completion_io+0x270/0x270
[  984.008223]  ? selinux_file_ioctl+0xb6/0x270
[  984.009362]  ? tun_chr_compat_ioctl+0x30/0x30
[  984.010539]  __x64_sys_ioctl+0x19a/0x210
[  984.011621]  do_syscall_64+0x33/0x40
[  984.012595]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  984.013934] RIP: 0033:0x7f6888bfdb19
08:19:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize}]}})

[  984.014903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.019845] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  984.021828] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  984.023687] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  984.025547] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  984.027420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  984.029303] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:19:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xa, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  984.100853] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7418 comm=syz-executor.0
08:19:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xa00000000000000, 0x0, 0x0, &(0x7f0000000180))

[  984.146749] 9pnet: Insufficient options for proto=fd
08:19:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xb, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:19:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x5, 0x0, &(0x7f0000000180))

[  984.214255] 9pnet: Insufficient options for proto=fd
[  984.233352] 9pnet: Insufficient options for proto=fd
08:20:04 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6, 0x0, &(0x7f0000000180))

08:20:04 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:04 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 20)

08:20:04 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 40)

08:20:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:04 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:04 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:04 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf00000000000000, 0x0, 0x0, &(0x7f0000000180))

[  997.650269] 9pnet: Insufficient options for proto=fd
[  997.653351] FAULT_INJECTION: forcing a failure.
[  997.653351] name failslab, interval 1, probability 0, space 0, times 0
[  997.655880] CPU: 0 PID: 7462 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  997.657332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  997.659095] Call Trace:
[  997.659666]  dump_stack+0x107/0x167
[  997.660436]  should_fail.cold+0x5/0xa
[  997.661242]  ? p9_client_create+0xaf/0x1230
[  997.662168]  should_failslab+0x5/0x20
[  997.662981]  kmem_cache_alloc_trace+0x55/0x320
[  997.663012] FAULT_INJECTION: forcing a failure.
[  997.663012] name failslab, interval 1, probability 0, space 0, times 0
[  997.663949]  ? find_held_lock+0x2c/0x110
[  997.663974]  p9_client_create+0xaf/0x1230
[  997.664000]  ? lock_downgrade+0x6d0/0x6d0
[  997.668943]  ? p9_client_flush+0x430/0x430
[  997.669845]  ? trace_hardirqs_on+0x5b/0x180
[  997.670762]  ? lockdep_init_map_type+0x2c7/0x780
[  997.671786]  ? __raw_spin_lock_init+0x36/0x110
[  997.672768]  v9fs_session_init+0x1dd/0x1680
[  997.673689]  ? lock_release+0x680/0x680
[  997.674543]  ? kmem_cache_alloc_trace+0x151/0x320
[  997.675590]  ? v9fs_show_options+0x690/0x690
[  997.676540]  ? trace_hardirqs_on+0x5b/0x180
[  997.677468]  ? kasan_unpoison_shadow+0x33/0x50
[  997.678447]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  997.679540]  v9fs_mount+0x79/0x8f0
[  997.680310]  ? v9fs_write_inode+0x60/0x60
[  997.681202]  legacy_get_tree+0x105/0x220
[  997.682070]  vfs_get_tree+0x8e/0x300
[  997.682858]  path_mount+0x1429/0x2120
[  997.683695]  ? strncpy_from_user+0x9e/0x470
[  997.684613]  ? finish_automount+0xa90/0xa90
[  997.685539]  ? getname_flags.part.0+0x1dd/0x4f0
[  997.686534]  ? _copy_from_user+0xfb/0x1b0
[  997.687426]  __x64_sys_mount+0x282/0x300
[  997.688304]  ? copy_mnt_ns+0xa00/0xa00
[  997.689144]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  997.690255]  ? syscall_enter_from_user_mode+0x1d/0x50
[  997.691351]  do_syscall_64+0x33/0x40
[  997.692156]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  997.693245] RIP: 0033:0x7fd019574b19
[  997.694036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  997.697985] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  997.699640] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  997.701163] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  997.702705] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  997.704592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.706322] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  997.707961] CPU: 1 PID: 7468 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  997.709565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  997.711316] Call Trace:
[  997.711929]  dump_stack+0x107/0x167
[  997.712805]  should_fail.cold+0x5/0xa
[  997.713626]  should_failslab+0x5/0x20
[  997.714445]  __kmalloc_track_caller+0x79/0x370
[  997.715430]  ? kvasprintf_const+0x60/0x1a0
[  997.716366]  kvasprintf+0xb5/0x150
[  997.717130]  ? bust_spinlocks+0xe0/0xe0
[  997.718010]  ? __kasan_slab_free+0x122/0x160
[  997.718942]  ? slab_free_freelist_hook+0xa9/0x180
[  997.719976]  kvasprintf_const+0x60/0x1a0
08:20:05 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x300, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  997.720854]  kobject_set_name_vargs+0x56/0x150
[  997.722080]  kobject_init_and_add+0xc9/0x160
[  997.723022]  ? kobject_create_and_add+0xb0/0xb0
[  997.724046]  net_rx_queue_update_kobjects+0x1d4/0x480
[  997.725198]  netif_set_real_num_rx_queues+0x165/0x210
[  997.726286]  tun_attach.isra.0+0x662/0x1760
[  997.727400]  __tun_chr_ioctl+0x173c/0x3f40
[  997.728316]  ? __mutex_unlock_slowpath+0xe1/0x600
[  997.729324]  ? tun_chr_poll+0x700/0x700
[  997.730160]  ? wait_for_completion_io+0x270/0x270
[  997.731185]  ? selinux_file_ioctl+0xb6/0x270
[  997.732127]  ? tun_chr_compat_ioctl+0x30/0x30
[  997.733092]  __x64_sys_ioctl+0x19a/0x210
[  997.733966]  do_syscall_64+0x33/0x40
[  997.734759]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  997.735870] RIP: 0033:0x7f6888bfdb19
[  997.736822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  997.740724] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  997.742354] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  997.743897] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  997.745427] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  997.746970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.748506] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[  997.750370] kobject: can not set name properly!
[  997.757804] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7456 comm=syz-executor.0
[  997.791693] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7460 comm=syz-executor.7
[  997.795655] 9pnet: Insufficient options for proto=fd
08:20:05 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x483, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:05 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x1000000000000000, 0x0, 0x0, &(0x7f0000000180))

08:20:05 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7, 0x0, &(0x7f0000000180))

[  997.901419] 9pnet: Insufficient options for proto=fd
[  997.913299] cgroup: fork rejected by pids controller in /syz2
08:20:05 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[  997.920331] 9pnet: Insufficient options for proto=fd
08:20:05 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 1)

08:20:05 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 41)

08:20:05 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 21)

[  997.997313] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7497 comm=syz-executor.0
08:20:05 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x500, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[  998.024791] FAULT_INJECTION: forcing a failure.
[  998.024791] name failslab, interval 1, probability 0, space 0, times 0
[  998.027047] CPU: 0 PID: 7499 Comm: syz-executor.7 Not tainted 5.10.235 #1
[  998.028374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  998.029973] Call Trace:
[  998.030485]  dump_stack+0x107/0x167
[  998.031190]  should_fail.cold+0x5/0xa
[  998.031935]  should_failslab+0x5/0x20
[  998.032667]  __kmalloc_track_caller+0x79/0x370
[  998.033556]  ? strndup_user+0x74/0xe0
[  998.034295]  memdup_user+0x22/0xd0
[  998.034988]  strndup_user+0x74/0xe0
[  998.035693]  __x64_sys_mount+0x133/0x300
[  998.036474]  ? copy_mnt_ns+0xa00/0xa00
[  998.037263]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  998.038298]  ? syscall_enter_from_user_mode+0x1d/0x50
[  998.039287]  do_syscall_64+0x33/0x40
[  998.040017]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  998.041000] RIP: 0033:0x7f8b0da54b19
[  998.041715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  998.045255] RSP: 002b:00007f8b0afca188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  998.046737] RAX: ffffffffffffffda RBX: 00007f8b0db67f60 RCX: 00007f8b0da54b19
[  998.048109] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  998.049492] RBP: 00007f8b0afca1d0 R08: 0000000020000100 R09: 0000000000000000
[  998.050864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  998.052237] R13: 00007ffff13155ef R14: 00007f8b0afca300 R15: 0000000000022000
[  998.106046] 9pnet: Insufficient options for proto=fd
[  998.111461] 9pnet: Insufficient options for proto=fd
[  998.111657] FAULT_INJECTION: forcing a failure.
[  998.111657] name failslab, interval 1, probability 0, space 0, times 0
[  998.114978] CPU: 1 PID: 7506 Comm: syz-executor.1 Not tainted 5.10.235 #1
[  998.116438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  998.118179] Call Trace:
[  998.118739]  dump_stack+0x107/0x167
[  998.119503]  should_fail.cold+0x5/0xa
[  998.120318]  ? create_object.isra.0+0x3a/0xa20
[  998.121287]  should_failslab+0x5/0x20
[  998.122090]  kmem_cache_alloc+0x5b/0x310
[  998.122942]  ? kernel_text_address+0xf2/0x120
[  998.123892]  create_object.isra.0+0x3a/0xa20
[  998.124815]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  998.125885]  kmem_cache_alloc_trace+0x151/0x320
[  998.126865]  ? find_held_lock+0x2c/0x110
[  998.127742]  p9_client_create+0xaf/0x1230
[  998.128624]  ? lock_downgrade+0x6d0/0x6d0
[  998.129512]  ? p9_client_flush+0x430/0x430
[  998.130411]  ? trace_hardirqs_on+0x5b/0x180
[  998.131325]  ? lockdep_init_map_type+0x2c7/0x780
[  998.132332]  ? __raw_spin_lock_init+0x36/0x110
[  998.133299]  v9fs_session_init+0x1dd/0x1680
[  998.134209]  ? lock_release+0x680/0x680
[  998.135054]  ? kmem_cache_alloc_trace+0x151/0x320
[  998.136079]  ? v9fs_show_options+0x690/0x690
[  998.137015]  ? trace_hardirqs_on+0x5b/0x180
[  998.137925]  ? kasan_unpoison_shadow+0x33/0x50
[  998.138885]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  998.139971]  v9fs_mount+0x79/0x8f0
[  998.140728]  ? v9fs_write_inode+0x60/0x60
[  998.141608]  legacy_get_tree+0x105/0x220
[  998.142472]  vfs_get_tree+0x8e/0x300
[  998.143253]  path_mount+0x1429/0x2120
[  998.144072]  ? strncpy_from_user+0x9e/0x470
[  998.144973]  ? finish_automount+0xa90/0xa90
[  998.145886]  ? getname_flags.part.0+0x1dd/0x4f0
[  998.146872]  ? _copy_from_user+0xfb/0x1b0
[  998.147759]  __x64_sys_mount+0x282/0x300
[  998.148609]  ? copy_mnt_ns+0xa00/0xa00
[  998.149437]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  998.150543]  ? syscall_enter_from_user_mode+0x1d/0x50
[  998.151642]  do_syscall_64+0x33/0x40
[  998.152438]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  998.153530] RIP: 0033:0x7fd019574b19
[  998.154321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  998.158228] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  998.159840] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[  998.161352] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[  998.162856] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[  998.164369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  998.165876] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[  998.219424] FAULT_INJECTION: forcing a failure.
[  998.219424] name failslab, interval 1, probability 0, space 0, times 0
[  998.221451] CPU: 0 PID: 7514 Comm: syz-executor.3 Not tainted 5.10.235 #1
[  998.222642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  998.224093] Call Trace:
[  998.224556]  dump_stack+0x107/0x167
[  998.225196]  should_fail.cold+0x5/0xa
[  998.225864]  ? create_object.isra.0+0x3a/0xa20
[  998.226665]  should_failslab+0x5/0x20
[  998.227326]  kmem_cache_alloc+0x5b/0x310
[  998.228060]  create_object.isra.0+0x3a/0xa20
[  998.228819]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  998.229694]  __kmalloc_track_caller+0x177/0x370
[  998.230500]  ? kvasprintf_const+0x60/0x1a0
[  998.231253]  kvasprintf+0xb5/0x150
[  998.231879]  ? bust_spinlocks+0xe0/0xe0
[  998.232567]  ? __kasan_slab_free+0x122/0x160
[  998.233331]  ? slab_free_freelist_hook+0xa9/0x180
[  998.234171]  kvasprintf_const+0x60/0x1a0
[  998.234885]  kobject_set_name_vargs+0x56/0x150
[  998.235689]  kobject_init_and_add+0xc9/0x160
[  998.236464]  ? kobject_create_and_add+0xb0/0xb0
[  998.237291]  net_rx_queue_update_kobjects+0x1d4/0x480
[  998.238195]  netif_set_real_num_rx_queues+0x165/0x210
[  998.239083]  tun_attach.isra.0+0x662/0x1760
[  998.239877]  __tun_chr_ioctl+0x173c/0x3f40
[  998.240609]  ? __mutex_unlock_slowpath+0xe1/0x600
[  998.241442]  ? tun_chr_poll+0x700/0x700
[  998.242139]  ? wait_for_completion_io+0x270/0x270
[  998.242983]  ? selinux_file_ioctl+0xb6/0x270
[  998.243756]  ? tun_chr_compat_ioctl+0x30/0x30
[  998.244529]  __x64_sys_ioctl+0x19a/0x210
[  998.245231]  do_syscall_64+0x33/0x40
[  998.245874]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  998.246750] RIP: 0033:0x7f6888bfdb19
[  998.247384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  998.250560] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  998.251869] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[  998.253095] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[  998.254308] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[  998.255525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  998.256758] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:20:18 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x1100000000000000, 0x0, 0x0, &(0x7f0000000180))

08:20:18 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}, {&(0x7f0000000700)=""/213, 0xd5}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:18 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 22)

[ 1011.125481] FAULT_INJECTION: forcing a failure.
[ 1011.125481] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.128233] CPU: 1 PID: 7527 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1011.129675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1011.131439] Call Trace:
08:20:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:18 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x600, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:18 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xa, 0x0, &(0x7f0000000180))

08:20:18 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 2)

08:20:18 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 42)

[ 1011.132183]  dump_stack+0x107/0x167
[ 1011.133153]  should_fail.cold+0x5/0xa
[ 1011.133989]  should_failslab+0x5/0x20
[ 1011.134809]  __kmalloc_track_caller+0x79/0x370
[ 1011.135803]  ? p9_client_create+0x41d/0x1230
[ 1011.136751]  kstrdup+0x36/0x70
[ 1011.137441]  p9_client_create+0x41d/0x1230
[ 1011.138347]  ? lock_downgrade+0x6d0/0x6d0
[ 1011.139237]  ? p9_client_flush+0x430/0x430
[ 1011.140158]  ? trace_hardirqs_on+0x5b/0x180
[ 1011.141084]  ? lockdep_init_map_type+0x2c7/0x780
[ 1011.142100]  ? __raw_spin_lock_init+0x36/0x110
[ 1011.143082]  v9fs_session_init+0x1dd/0x1680
[ 1011.144028]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1011.145058]  ? v9fs_show_options+0x690/0x690
[ 1011.146012]  ? trace_hardirqs_on+0x5b/0x180
[ 1011.146949]  ? kasan_unpoison_shadow+0x33/0x50
[ 1011.147943]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1011.149039]  v9fs_mount+0x79/0x8f0
[ 1011.149807]  ? v9fs_write_inode+0x60/0x60
[ 1011.150699]  legacy_get_tree+0x105/0x220
[ 1011.151571]  vfs_get_tree+0x8e/0x300
[ 1011.152380]  path_mount+0x1429/0x2120
[ 1011.153206]  ? strncpy_from_user+0x9e/0x470
[ 1011.154126]  ? finish_automount+0xa90/0xa90
[ 1011.155052]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1011.156060]  ? _copy_from_user+0xfb/0x1b0
[ 1011.156965]  __x64_sys_mount+0x282/0x300
[ 1011.157835]  ? copy_mnt_ns+0xa00/0xa00
[ 1011.158689]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1011.159829]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1011.160939]  do_syscall_64+0x33/0x40
[ 1011.161748]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1011.162847] RIP: 0033:0x7fd019574b19
[ 1011.163651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1011.167592] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1011.169228] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1011.170762] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1011.172307] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1011.173831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1011.175361] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1011.177243] 9pnet: Insufficient options for proto=fd
[ 1011.196661] FAULT_INJECTION: forcing a failure.
[ 1011.196661] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.199143] CPU: 1 PID: 7535 Comm: syz-executor.7 Not tainted 5.10.235 #1
[ 1011.200604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1011.202388] Call Trace:
[ 1011.202972]  dump_stack+0x107/0x167
[ 1011.203771]  should_fail.cold+0x5/0xa
[ 1011.204590]  ? create_object.isra.0+0x3a/0xa20
[ 1011.205578]  should_failslab+0x5/0x20
[ 1011.206397]  kmem_cache_alloc+0x5b/0x310
[ 1011.207283]  create_object.isra.0+0x3a/0xa20
[ 1011.208232]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1011.209325]  __kmalloc_track_caller+0x177/0x370
[ 1011.210305]  ? strndup_user+0x74/0xe0
[ 1011.210879] FAULT_INJECTION: forcing a failure.
[ 1011.210879] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.211121]  memdup_user+0x22/0xd0
[ 1011.211139]  strndup_user+0x74/0xe0
[ 1011.213982]  __x64_sys_mount+0x133/0x300
[ 1011.214832]  ? copy_mnt_ns+0xa00/0xa00
[ 1011.215652]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1011.216767]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1011.217864]  do_syscall_64+0x33/0x40
[ 1011.218648]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1011.219734] RIP: 0033:0x7f8b0da54b19
[ 1011.220520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1011.224408] RSP: 002b:00007f8b0afca188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1011.226024] RAX: ffffffffffffffda RBX: 00007f8b0db67f60 RCX: 00007f8b0da54b19
[ 1011.227529] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1011.229046] RBP: 00007f8b0afca1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1011.230554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.232067] R13: 00007ffff13155ef R14: 00007f8b0afca300 R15: 0000000000022000
[ 1011.233585] CPU: 0 PID: 7550 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1011.234444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1011.235453] Call Trace:
[ 1011.235788]  dump_stack+0x107/0x167
[ 1011.236229]  should_fail.cold+0x5/0xa
[ 1011.236688]  ? create_object.isra.0+0x3a/0xa20
[ 1011.237241]  should_failslab+0x5/0x20
[ 1011.237700]  kmem_cache_alloc+0x5b/0x310
[ 1011.238190]  ? vsnprintf+0x4ba/0x1600
[ 1011.238649]  create_object.isra.0+0x3a/0xa20
[ 1011.239178]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1011.239796]  __kmalloc_track_caller+0x177/0x370
[ 1011.240358]  ? kvasprintf_const+0x60/0x1a0
[ 1011.240870]  kvasprintf+0xb5/0x150
[ 1011.241297]  ? bust_spinlocks+0xe0/0xe0
[ 1011.241776]  ? __kasan_slab_free+0x122/0x160
[ 1011.242307]  ? slab_free_freelist_hook+0xa9/0x180
[ 1011.242888]  kvasprintf_const+0x60/0x1a0
[ 1011.243380]  kobject_set_name_vargs+0x56/0x150
[ 1011.243937]  kobject_init_and_add+0xc9/0x160
[ 1011.244464]  ? kobject_create_and_add+0xb0/0xb0
[ 1011.245039]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1011.245676]  netif_set_real_num_rx_queues+0x165/0x210
[ 1011.246298]  tun_attach.isra.0+0x662/0x1760
[ 1011.246831]  __tun_chr_ioctl+0x173c/0x3f40
[ 1011.247344]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1011.247931]  ? tun_chr_poll+0x700/0x700
[ 1011.248424]  ? wait_for_completion_io+0x270/0x270
[ 1011.249015]  ? selinux_file_ioctl+0xb6/0x270
[ 1011.249545]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1011.250100]  __x64_sys_ioctl+0x19a/0x210
[ 1011.250594]  do_syscall_64+0x33/0x40
[ 1011.251044]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1011.251665] RIP: 0033:0x7f6888bfdb19
[ 1011.252131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1011.254341] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1011.255261] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1011.256119] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1011.256970] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1011.257822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1011.258678] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:20:18 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x48, 0x0, &(0x7f0000000180))

08:20:18 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2c00000000000000, 0x0, 0x0, &(0x7f0000000180))

[ 1011.278258] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7537 comm=syz-executor.0
08:20:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1011.386709] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7658 comm=syz-executor.0
08:20:34 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4c, 0x0, &(0x7f0000000180))

[ 1027.184214] 9pnet: Insufficient options for proto=fd
08:20:34 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 3)

08:20:34 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 23)

08:20:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x700, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4000000000000000, 0x0, 0x0, &(0x7f0000000180))

08:20:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:34 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:34 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 43)

[ 1027.214834] 9pnet: Insufficient options for proto=fd
[ 1027.227053] FAULT_INJECTION: forcing a failure.
[ 1027.227053] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.229410] FAULT_INJECTION: forcing a failure.
[ 1027.229410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1027.229493] CPU: 0 PID: 7677 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1027.233268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.235030] Call Trace:
[ 1027.235592]  dump_stack+0x107/0x167
[ 1027.236347]  should_fail.cold+0x5/0xa
[ 1027.237144]  ? create_object.isra.0+0x3a/0xa20
[ 1027.238091]  should_failslab+0x5/0x20
[ 1027.238887]  kmem_cache_alloc+0x5b/0x310
[ 1027.239728]  ? lock_downgrade+0x6d0/0x6d0
[ 1027.240607]  create_object.isra.0+0x3a/0xa20
[ 1027.241537]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1027.242592]  __kmalloc_track_caller+0x177/0x370
[ 1027.243554]  ? p9_client_create+0x41d/0x1230
[ 1027.244479]  kstrdup+0x36/0x70
[ 1027.245158]  p9_client_create+0x41d/0x1230
[ 1027.246032]  ? lock_downgrade+0x6d0/0x6d0
[ 1027.246898]  ? p9_client_flush+0x430/0x430
[ 1027.247782]  ? trace_hardirqs_on+0x5b/0x180
[ 1027.248683]  ? lockdep_init_map_type+0x2c7/0x780
[ 1027.249667]  ? __raw_spin_lock_init+0x36/0x110
[ 1027.250620]  v9fs_session_init+0x1dd/0x1680
[ 1027.251538]  ? lock_release+0x680/0x680
[ 1027.252377]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1027.253393]  ? v9fs_show_options+0x690/0x690
[ 1027.254351]  ? trace_hardirqs_on+0x5b/0x180
[ 1027.255382]  ? kasan_unpoison_shadow+0x33/0x50
[ 1027.256358]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1027.257434]  v9fs_mount+0x79/0x8f0
[ 1027.258194]  ? v9fs_write_inode+0x60/0x60
[ 1027.259078]  legacy_get_tree+0x105/0x220
[ 1027.259964]  vfs_get_tree+0x8e/0x300
[ 1027.260756]  path_mount+0x1429/0x2120
[ 1027.261564]  ? strncpy_from_user+0x9e/0x470
[ 1027.262480]  ? finish_automount+0xa90/0xa90
[ 1027.263392]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1027.264387]  ? _copy_from_user+0xfb/0x1b0
[ 1027.265271]  __x64_sys_mount+0x282/0x300
[ 1027.266130]  ? copy_mnt_ns+0xa00/0xa00
[ 1027.266960]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1027.268075]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1027.269177]  do_syscall_64+0x33/0x40
[ 1027.269979]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1027.271060] RIP: 0033:0x7fd019574b19
[ 1027.271841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1027.275790] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1027.277403] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1027.278909] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1027.280416] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1027.281935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1027.283468] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1027.285025] CPU: 1 PID: 7682 Comm: syz-executor.7 Not tainted 5.10.235 #1
[ 1027.286464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.288193] Call Trace:
[ 1027.288752]  dump_stack+0x107/0x167
[ 1027.289509]  should_fail.cold+0x5/0xa
[ 1027.290301]  _copy_from_user+0x2e/0x1b0
[ 1027.291128]  memdup_user+0x65/0xd0
[ 1027.291855]  strndup_user+0x74/0xe0
[ 1027.292636]  __x64_sys_mount+0x133/0x300
[ 1027.293480]  ? copy_mnt_ns+0xa00/0xa00
[ 1027.294297]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1027.295383]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1027.296455]  do_syscall_64+0x33/0x40
[ 1027.297239]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1027.298300] RIP: 0033:0x7f8b0da54b19
[ 1027.299067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1027.302919] RSP: 002b:00007f8b0afca188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1027.304242] FAULT_INJECTION: forcing a failure.
[ 1027.304242] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.304486] RAX: ffffffffffffffda RBX: 00007f8b0db67f60 RCX: 00007f8b0da54b19
[ 1027.304505] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1027.309772] RBP: 00007f8b0afca1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1027.311229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1027.312718] R13: 00007ffff13155ef R14: 00007f8b0afca300 R15: 0000000000022000
[ 1027.314220] CPU: 0 PID: 7680 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1027.315682] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.317451] Call Trace:
[ 1027.318010]  dump_stack+0x107/0x167
[ 1027.318789]  should_fail.cold+0x5/0xa
[ 1027.319602]  should_failslab+0x5/0x20
[ 1027.320413]  __kmalloc_track_caller+0x79/0x370
[ 1027.321382]  ? kstrdup_const+0x53/0x80
[ 1027.322216]  kstrdup+0x36/0x70
[ 1027.322896]  kstrdup_const+0x53/0x80
[ 1027.323686]  __kernfs_new_node+0x9d/0x860
[ 1027.324581]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1027.325603]  ? map_id_range_down+0x1c4/0x340
[ 1027.326534]  ? projid_m_show+0x220/0x220
[ 1027.327393]  ? vsnprintf+0x4ba/0x1600
[ 1027.328203]  kernfs_new_node+0x18d/0x250
[ 1027.329067]  kernfs_create_dir_ns+0x49/0x160
[ 1027.329997]  sysfs_create_dir_ns+0x127/0x290
[ 1027.330940]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1027.331962]  ? rwlock_bug.part.0+0x90/0x90
[ 1027.332867]  ? do_raw_spin_unlock+0x4f/0x220
[ 1027.333797]  kobject_add_internal+0x25e/0xa30
[ 1027.334751]  kobject_init_and_add+0x101/0x160
[ 1027.335708]  ? kobject_create_and_add+0xb0/0xb0
[ 1027.336722]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1027.337839]  netif_set_real_num_rx_queues+0x165/0x210
[ 1027.338933]  tun_attach.isra.0+0x662/0x1760
[ 1027.339870]  __tun_chr_ioctl+0x173c/0x3f40
[ 1027.340783]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1027.341799]  ? tun_chr_poll+0x700/0x700
[ 1027.342639]  ? wait_for_completion_io+0x270/0x270
[ 1027.343671]  ? selinux_file_ioctl+0xb6/0x270
[ 1027.344612]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1027.345576]  __x64_sys_ioctl+0x19a/0x210
[ 1027.346436]  do_syscall_64+0x33/0x40
[ 1027.347228]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1027.348316] RIP: 0033:0x7f6888bfdb19
[ 1027.349101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1027.353002] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1027.354617] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1027.356134] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1027.357641] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1027.359151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1027.360671] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1027.363480] kobject_add_internal failed for rx-1 (error: -12 parent: queues)
08:20:34 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x900, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1027.387407] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7684 comm=syz-executor.0
08:20:34 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x68, 0x0, &(0x7f0000000180))

08:20:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4800000000000000, 0x0, 0x0, &(0x7f0000000180))

[ 1027.433560] 9pnet: Insufficient options for proto=fd
[ 1027.444387] 9pnet: Insufficient options for proto=fd
08:20:34 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:34 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6c, 0x0, &(0x7f0000000180))

08:20:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xa00, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:34 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 24)

[ 1027.661479] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=7711 comm=syz-executor.0
[ 1027.670659] FAULT_INJECTION: forcing a failure.
[ 1027.670659] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.673391] CPU: 1 PID: 7718 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1027.674919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.676856] Call Trace:
[ 1027.677498]  dump_stack+0x107/0x167
[ 1027.678340]  should_fail.cold+0x5/0xa
[ 1027.679230]  should_failslab+0x5/0x20
[ 1027.680082]  __kmalloc_track_caller+0x79/0x370
[ 1027.681060]  ? p9_client_create+0x51e/0x1230
[ 1027.682016]  kmemdup_nul+0x2d/0xa0
[ 1027.682783]  p9_client_create+0x51e/0x1230
[ 1027.683710]  ? p9_client_flush+0x430/0x430
[ 1027.684632]  ? trace_hardirqs_on+0x5b/0x180
[ 1027.685563]  ? lockdep_init_map_type+0x2c7/0x780
[ 1027.686592]  ? __raw_spin_lock_init+0x36/0x110
[ 1027.687585]  v9fs_session_init+0x1dd/0x1680
[ 1027.688526]  ? lock_release+0x680/0x680
[ 1027.689395]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1027.690527]  ? v9fs_show_options+0x690/0x690
[ 1027.691641]  ? trace_hardirqs_on+0x5b/0x180
[ 1027.692734]  ? kasan_unpoison_shadow+0x33/0x50
[ 1027.693857]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1027.695111]  v9fs_mount+0x79/0x8f0
[ 1027.695987]  ? v9fs_write_inode+0x60/0x60
[ 1027.696992]  legacy_get_tree+0x105/0x220
[ 1027.697975]  vfs_get_tree+0x8e/0x300
[ 1027.698871]  path_mount+0x1429/0x2120
[ 1027.699809]  ? strncpy_from_user+0x9e/0x470
[ 1027.700887]  ? finish_automount+0xa90/0xa90
[ 1027.701930]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1027.703089]  ? _copy_from_user+0xfb/0x1b0
[ 1027.704201]  __x64_sys_mount+0x282/0x300
[ 1027.705155] 9pnet: Insufficient options for proto=fd
[ 1027.705274]  ? copy_mnt_ns+0xa00/0xa00
[ 1027.707644]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1027.709035]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1027.710365]  do_syscall_64+0x33/0x40
[ 1027.711321]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1027.712662] RIP: 0033:0x7fd019574b19
[ 1027.713659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1027.718417] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1027.720361] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1027.722176] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1027.724007] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1027.725825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1027.727644] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:20:34 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:35 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x74, 0x0, &(0x7f0000000180))

08:20:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x4c00000000000000, 0x0, 0x0, &(0x7f0000000180))

08:20:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xb00, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:35 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 44)

[ 1027.817569] cgroup: fork rejected by pids controller in /syz7
[ 1027.820583] 9pnet: Insufficient options for proto=fd
[ 1027.956461] FAULT_INJECTION: forcing a failure.
[ 1027.956461] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.959570] CPU: 0 PID: 7805 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1027.961306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1027.964628] Call Trace:
[ 1027.965308]  dump_stack+0x107/0x167
[ 1027.966230]  should_fail.cold+0x5/0xa
[ 1027.967176]  ? __kernfs_new_node+0xd4/0x860
[ 1027.968248]  should_failslab+0x5/0x20
[ 1027.969199]  kmem_cache_alloc+0x5b/0x310
[ 1027.970230]  __kernfs_new_node+0xd4/0x860
[ 1027.971274]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1027.972496]  ? map_id_range_down+0x1c4/0x340
[ 1027.973590]  ? projid_m_show+0x220/0x220
[ 1027.974588]  ? vsnprintf+0x4ba/0x1600
[ 1027.975554]  kernfs_new_node+0x18d/0x250
[ 1027.976616]  kernfs_create_dir_ns+0x49/0x160
[ 1027.977762]  sysfs_create_dir_ns+0x127/0x290
[ 1027.978910]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1027.980113]  ? rwlock_bug.part.0+0x90/0x90
[ 1027.981199]  ? do_raw_spin_unlock+0x4f/0x220
[ 1027.982365]  kobject_add_internal+0x25e/0xa30
[ 1027.983500]  kobject_init_and_add+0x101/0x160
[ 1027.984668]  ? kobject_create_and_add+0xb0/0xb0
[ 1027.985908]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1027.987209]  netif_set_real_num_rx_queues+0x165/0x210
[ 1027.988539]  tun_attach.isra.0+0x662/0x1760
[ 1027.989647]  __tun_chr_ioctl+0x173c/0x3f40
[ 1027.990724]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1027.991893]  ? tun_chr_poll+0x700/0x700
[ 1027.992910]  ? wait_for_completion_io+0x270/0x270
[ 1027.994134]  ? selinux_file_ioctl+0xb6/0x270
[ 1027.995231]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1027.996365]  __x64_sys_ioctl+0x19a/0x210
[ 1027.997402]  do_syscall_64+0x33/0x40
[ 1027.998350]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1027.999638] RIP: 0033:0x7f6888bfdb19
[ 1028.000577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1028.005206] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1028.007125] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1028.008942] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1028.010717] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1028.012589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1028.014195] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1028.017250] kobject_add_internal failed for rx-1 (error: -12 parent: queues)
08:20:50 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:20:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:20:50 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 45)

08:20:50 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6800000000000000, 0x0, 0x0, &(0x7f0000000180))

08:20:50 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7a, 0x0, &(0x7f0000000180))

08:20:50 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 25)

08:20:50 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x1020, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:20:50 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1043.421203] FAULT_INJECTION: forcing a failure.
[ 1043.421203] name failslab, interval 1, probability 0, space 0, times 0
[ 1043.423625] CPU: 0 PID: 7952 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1043.425080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1043.426829] Call Trace:
[ 1043.427385]  dump_stack+0x107/0x167
[ 1043.428174]  should_fail.cold+0x5/0xa
[ 1043.428989]  should_failslab+0x5/0x20
[ 1043.429794]  __kmalloc_track_caller+0x79/0x370
[ 1043.430756]  ? p9_client_create+0x41d/0x1230
[ 1043.431694]  kstrdup+0x36/0x70
[ 1043.432387]  p9_client_create+0x41d/0x1230
[ 1043.433278]  ? lock_downgrade+0x6d0/0x6d0
[ 1043.434156]  ? p9_client_flush+0x430/0x430
[ 1043.435044]  ? trace_hardirqs_on+0x5b/0x180
[ 1043.435951]  ? lockdep_init_map_type+0x2c7/0x780
[ 1043.436964]  ? __raw_spin_lock_init+0x36/0x110
[ 1043.437938]  v9fs_session_init+0x1dd/0x1680
[ 1043.438851]  ? lock_release+0x680/0x680
[ 1043.439697]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1043.440269] FAULT_INJECTION: forcing a failure.
[ 1043.440269] name failslab, interval 1, probability 0, space 0, times 0
[ 1043.440724]  ? v9fs_show_options+0x690/0x690
[ 1043.443262]  ? trace_hardirqs_on+0x5b/0x180
[ 1043.444182]  ? kasan_unpoison_shadow+0x33/0x50
[ 1043.445137]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1043.446209]  v9fs_mount+0x79/0x8f0
[ 1043.446958]  ? v9fs_write_inode+0x60/0x60
[ 1043.447838]  legacy_get_tree+0x105/0x220
[ 1043.448813]  vfs_get_tree+0x8e/0x300
[ 1043.449602]  path_mount+0x1429/0x2120
[ 1043.450403]  ? strncpy_from_user+0x9e/0x470
[ 1043.451303]  ? finish_automount+0xa90/0xa90
[ 1043.452212]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1043.453193]  ? _copy_from_user+0xfb/0x1b0
[ 1043.454071]  __x64_sys_mount+0x282/0x300
[ 1043.454912]  ? copy_mnt_ns+0xa00/0xa00
[ 1043.455727]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1043.456834]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1043.457919]  do_syscall_64+0x33/0x40
[ 1043.458700]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1043.459771] RIP: 0033:0x7fd019574b19
[ 1043.460563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1043.464466] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1043.466071] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1043.467582] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1043.469115] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1043.470645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1043.472185] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1043.473740] CPU: 1 PID: 7959 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1043.474751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1043.475966] Call Trace:
[ 1043.476380]  dump_stack+0x107/0x167
[ 1043.476912]  should_fail.cold+0x5/0xa
[ 1043.477466]  ? create_object.isra.0+0x3a/0xa20
[ 1043.478149]  should_failslab+0x5/0x20
[ 1043.478702]  kmem_cache_alloc+0x5b/0x310
[ 1043.479350]  create_object.isra.0+0x3a/0xa20
[ 1043.480042]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1043.480767]  kmem_cache_alloc+0x159/0x310
[ 1043.481372]  __kernfs_new_node+0xd4/0x860
[ 1043.481959]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1043.482653]  ? map_id_range_down+0x1c4/0x340
[ 1043.483304]  ? projid_m_show+0x220/0x220
[ 1043.483924]  ? vsnprintf+0x4ba/0x1600
[ 1043.484491]  kernfs_new_node+0x18d/0x250
[ 1043.485061]  kernfs_create_dir_ns+0x49/0x160
[ 1043.485702]  sysfs_create_dir_ns+0x127/0x290
[ 1043.486339]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1043.487014]  ? rwlock_bug.part.0+0x90/0x90
[ 1043.487636]  ? do_raw_spin_unlock+0x4f/0x220
[ 1043.488281]  kobject_add_internal+0x25e/0xa30
[ 1043.488940]  kobject_init_and_add+0x101/0x160
[ 1043.489585]  ? kobject_create_and_add+0xb0/0xb0
[ 1043.490271]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1043.491020]  netif_set_real_num_rx_queues+0x165/0x210
[ 1043.491849]  tun_attach.isra.0+0x662/0x1760
[ 1043.492530]  __tun_chr_ioctl+0x173c/0x3f40
[ 1043.493144]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1043.493817]  ? tun_chr_poll+0x700/0x700
[ 1043.494388]  ? wait_for_completion_io+0x270/0x270
[ 1043.495062]  ? selinux_file_ioctl+0xb6/0x270
[ 1043.495734]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1043.496567]  __x64_sys_ioctl+0x19a/0x210
[ 1043.497242]  do_syscall_64+0x33/0x40
[ 1043.497912]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1043.498833] RIP: 0033:0x7f6888bfdb19
[ 1043.499495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1043.502773] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1043.504137] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1043.505408] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1043.506685] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1043.507944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1043.509219] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:20:50 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 26)

[ 1043.596429] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=8031 comm=syz-executor.0
08:20:50 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1043.666099] FAULT_INJECTION: forcing a failure.
[ 1043.666099] name failslab, interval 1, probability 0, space 0, times 0
[ 1043.667659] CPU: 1 PID: 8175 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1043.668563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1043.669631] Call Trace:
[ 1043.670018]  dump_stack+0x107/0x167
[ 1043.670497]  should_fail.cold+0x5/0xa
[ 1043.670995]  should_failslab+0x5/0x20
[ 1043.671486]  __kmalloc_track_caller+0x79/0x370
[ 1043.672086]  ? match_number+0xaf/0x1d0
[ 1043.672593]  kmemdup_nul+0x2d/0xa0
[ 1043.673062]  match_number+0xaf/0x1d0
[ 1043.673622]  ? match_u64+0x190/0x190
[ 1043.674197]  ? p9_client_create+0x57c/0x1230
[ 1043.674865]  ? kfree+0xd7/0x340
[ 1043.675358]  ? do_raw_spin_unlock+0x4f/0x220
[ 1043.675996]  p9_client_create+0x667/0x1230
[ 1043.676688]  ? p9_client_flush+0x430/0x430
[ 1043.677342]  ? trace_hardirqs_on+0x5b/0x180
[ 1043.678015]  ? lockdep_init_map_type+0x2c7/0x780
[ 1043.678746]  ? __raw_spin_lock_init+0x36/0x110
[ 1043.679457]  v9fs_session_init+0x1dd/0x1680
[ 1043.680136]  ? lock_release+0x680/0x680
[ 1043.680750]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1043.681486]  ? v9fs_show_options+0x690/0x690
[ 1043.682164]  ? trace_hardirqs_on+0x5b/0x180
[ 1043.682825]  ? kasan_unpoison_shadow+0x33/0x50
[ 1043.683620]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1043.684387]  v9fs_mount+0x79/0x8f0
[ 1043.684902]  ? v9fs_write_inode+0x60/0x60
[ 1043.685504]  legacy_get_tree+0x105/0x220
[ 1043.686076]  vfs_get_tree+0x8e/0x300
[ 1043.686597]  path_mount+0x1429/0x2120
[ 1043.687164]  ? strncpy_from_user+0x9e/0x470
[ 1043.687752]  ? finish_automount+0xa90/0xa90
[ 1043.688386]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1043.689053]  ? _copy_from_user+0xfb/0x1b0
[ 1043.689630]  __x64_sys_mount+0x282/0x300
[ 1043.690266]  ? copy_mnt_ns+0xa00/0xa00
[ 1043.690871]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1043.691672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1043.692471]  do_syscall_64+0x33/0x40
[ 1043.693028]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1043.693812] RIP: 0033:0x7fd019574b19
[ 1043.694393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1043.697022] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1043.698093] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1043.699098] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1043.700093] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1043.700962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1043.701990] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:21:06 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x6c00000000000000, 0x0, 0x0, &(0x7f0000000180))

08:21:06 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:21:06 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:06 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2010, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:06 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x106, 0x0, &(0x7f0000000180))

08:21:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 27)

08:21:06 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 46)

[ 1059.231967] FAULT_INJECTION: forcing a failure.
[ 1059.231967] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.234700] CPU: 1 PID: 8357 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1059.236275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.238108] Call Trace:
[ 1059.238706]  dump_stack+0x107/0x167
[ 1059.239663]  should_fail.cold+0x5/0xa
[ 1059.240555]  ? create_object.isra.0+0x3a/0xa20
[ 1059.241626]  should_failslab+0x5/0x20
[ 1059.242531]  kmem_cache_alloc+0x5b/0x310
[ 1059.243493]  create_object.isra.0+0x3a/0xa20
[ 1059.244529]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1059.245722]  __kmalloc_track_caller+0x177/0x370
[ 1059.246813]  ? match_number+0xaf/0x1d0
[ 1059.247739]  kmemdup_nul+0x2d/0xa0
[ 1059.248559]  match_number+0xaf/0x1d0
[ 1059.249431]  ? match_u64+0x190/0x190
[ 1059.250308]  ? p9_client_create+0x57c/0x1230
[ 1059.251341]  ? kfree+0xd7/0x340
[ 1059.252083]  ? do_raw_spin_unlock+0x4f/0x220
[ 1059.253129]  p9_client_create+0x667/0x1230
[ 1059.254130]  ? p9_client_flush+0x430/0x430
[ 1059.255133]  ? trace_hardirqs_on+0x5b/0x180
[ 1059.256154]  ? lockdep_init_map_type+0x2c7/0x780
[ 1059.257280]  ? __raw_spin_lock_init+0x36/0x110
[ 1059.258355]  v9fs_session_init+0x1dd/0x1680
[ 1059.259369]  ? lock_release+0x680/0x680
[ 1059.260338]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1059.261464]  ? v9fs_show_options+0x690/0x690
[ 1059.262504]  ? trace_hardirqs_on+0x5b/0x180
[ 1059.263515]  ? kasan_unpoison_shadow+0x33/0x50
[ 1059.264595]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1059.265780]  v9fs_mount+0x79/0x8f0
[ 1059.266615]  ? v9fs_write_inode+0x60/0x60
[ 1059.267598]  legacy_get_tree+0x105/0x220
[ 1059.268565]  vfs_get_tree+0x8e/0x300
[ 1059.269430]  path_mount+0x1429/0x2120
[ 1059.270347]  ? strncpy_from_user+0x9e/0x470
[ 1059.271153] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=8325 comm=syz-executor.0
[ 1059.271352]  ? finish_automount+0xa90/0xa90
[ 1059.274998]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1059.276093]  ? _copy_from_user+0xfb/0x1b0
[ 1059.277078]  __x64_sys_mount+0x282/0x300
[ 1059.278021]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.278933]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.280155]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.281362]  do_syscall_64+0x33/0x40
[ 1059.282232]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.283425] RIP: 0033:0x7fd019574b19
[ 1059.284387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.288391] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.290012] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1059.291527] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.293055] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1059.294570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1059.296088] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1059.337345] FAULT_INJECTION: forcing a failure.
[ 1059.337345] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.339882] CPU: 1 PID: 8509 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1059.341366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.343144] Call Trace:
[ 1059.343715]  dump_stack+0x107/0x167
[ 1059.344515]  should_fail.cold+0x5/0xa
[ 1059.345339]  ? create_object.isra.0+0x3a/0xa20
[ 1059.346330]  should_failslab+0x5/0x20
[ 1059.347146]  kmem_cache_alloc+0x5b/0x310
[ 1059.348026]  create_object.isra.0+0x3a/0xa20
[ 1059.348976]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1059.350077]  __kmalloc_track_caller+0x177/0x370
[ 1059.351074]  ? kstrdup_const+0x53/0x80
[ 1059.351912]  kstrdup+0x36/0x70
[ 1059.352609]  kstrdup_const+0x53/0x80
[ 1059.353416]  __kernfs_new_node+0x9d/0x860
[ 1059.354323]  ? kernfs_dop_revalidate+0x3a0/0x3a0
08:21:06 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8304, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1059.355368]  ? map_id_range_down+0x1c4/0x340
[ 1059.356553]  ? projid_m_show+0x220/0x220
[ 1059.357468]  ? vsnprintf+0x4ba/0x1600
[ 1059.358292]  kernfs_new_node+0x18d/0x250
[ 1059.359173]  kernfs_create_dir_ns+0x49/0x160
08:21:06 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1059.360122]  sysfs_create_dir_ns+0x127/0x290
[ 1059.361196]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1059.362212]  ? rwlock_bug.part.0+0x90/0x90
[ 1059.363111]  ? do_raw_spin_unlock+0x4f/0x220
[ 1059.364065]  kobject_add_internal+0x25e/0xa30
[ 1059.365064]  kobject_init_and_add+0x101/0x160
[ 1059.366014]  ? kobject_create_and_add+0xb0/0xb0
[ 1059.367039]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1059.368170]  netif_set_real_num_rx_queues+0x165/0x210
[ 1059.369288]  tun_attach.isra.0+0x662/0x1760
[ 1059.370230]  __tun_chr_ioctl+0x173c/0x3f40
[ 1059.371142]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1059.372174]  ? tun_chr_poll+0x700/0x700
[ 1059.373041]  ? wait_for_completion_io+0x270/0x270
[ 1059.374096]  ? selinux_file_ioctl+0xb6/0x270
[ 1059.375046]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1059.376014]  __x64_sys_ioctl+0x19a/0x210
[ 1059.376906]  do_syscall_64+0x33/0x40
[ 1059.377710]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.378817] RIP: 0033:0x7f6888bfdb19
[ 1059.379620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.383598] RSP: 002b:00007f6886152188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1059.385254] RAX: ffffffffffffffda RBX: 00007f6888d11020 RCX: 00007f6888bfdb19
[ 1059.386784] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1059.388335] RBP: 00007f68861521d0 R08: 0000000000000000 R09: 0000000000000000
[ 1059.389867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1059.391400] R13: 00007ffde665f87f R14: 00007f6886152300 R15: 0000000000022000
08:21:06 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x2f0, 0x0, &(0x7f0000000180))

08:21:06 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7400000000000000, 0x0, 0x0, &(0x7f0000000180))

08:21:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1059.457282] 9pnet: Insufficient options for proto=fd
08:21:06 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x300, 0x0, &(0x7f0000000180))

08:21:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 28)

[ 1059.615733] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=8633 comm=syz-executor.0
08:21:06 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x7a00000000000000, 0x0, 0x0, &(0x7f0000000180))

[ 1059.666853] FAULT_INJECTION: forcing a failure.
[ 1059.666853] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.669440] CPU: 0 PID: 8734 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1059.670957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.672777] Call Trace:
[ 1059.673348]  dump_stack+0x107/0x167
[ 1059.674133]  should_fail.cold+0x5/0xa
[ 1059.675005]  should_failslab+0x5/0x20
[ 1059.675827]  __kmalloc_track_caller+0x79/0x370
[ 1059.676850]  ? match_number+0xaf/0x1d0
[ 1059.677694]  kmemdup_nul+0x2d/0xa0
[ 1059.678495]  match_number+0xaf/0x1d0
[ 1059.679287]  ? match_u64+0x190/0x190
[ 1059.680064]  ? p9_client_create+0x57c/0x1230
[ 1059.681043]  ? kfree+0xd7/0x340
[ 1059.681734]  ? do_raw_spin_unlock+0x4f/0x220
[ 1059.682663]  p9_client_create+0x667/0x1230
[ 1059.683558]  ? p9_client_flush+0x430/0x430
[ 1059.684503]  ? trace_hardirqs_on+0x5b/0x180
[ 1059.685417]  ? lockdep_init_map_type+0x2c7/0x780
[ 1059.686413]  ? __raw_spin_lock_init+0x36/0x110
[ 1059.687396]  v9fs_session_init+0x1dd/0x1680
[ 1059.688341]  ? lock_release+0x680/0x680
[ 1059.689205]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1059.690212]  ? v9fs_show_options+0x690/0x690
[ 1059.691152]  ? trace_hardirqs_on+0x5b/0x180
[ 1059.692057]  ? kasan_unpoison_shadow+0x33/0x50
[ 1059.693047]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1059.694162]  v9fs_mount+0x79/0x8f0
[ 1059.694905]  ? v9fs_write_inode+0x60/0x60
[ 1059.695782]  legacy_get_tree+0x105/0x220
[ 1059.696652]  vfs_get_tree+0x8e/0x300
[ 1059.697476]  path_mount+0x1429/0x2120
[ 1059.698282]  ? strncpy_from_user+0x9e/0x470
[ 1059.699190]  ? finish_automount+0xa90/0xa90
[ 1059.700089]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1059.701098]  ? _copy_from_user+0xfb/0x1b0
[ 1059.702019]  __x64_sys_mount+0x282/0x300
[ 1059.702873]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.703695]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.704829]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.705959]  do_syscall_64+0x33/0x40
[ 1059.706752]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.707833] RIP: 0033:0x7fd019574b19
[ 1059.708644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.712623] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.714275] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1059.715786] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.717344] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1059.718859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1059.720392] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:21:07 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:20 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:20 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, 0x0, &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:21:20 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:20 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x480, 0x0, &(0x7f0000000180))

08:21:20 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 47)

[ 1073.433871] FAULT_INJECTION: forcing a failure.
[ 1073.433871] name failslab, interval 1, probability 0, space 0, times 0
[ 1073.435201] CPU: 1 PID: 8860 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1073.436151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1073.437315] Call Trace:
[ 1073.437690]  dump_stack+0x107/0x167
[ 1073.438198]  should_fail.cold+0x5/0xa
[ 1073.438727]  ? __kernfs_new_node+0xd4/0x860
[ 1073.439331]  should_failslab+0x5/0x20
[ 1073.439864]  kmem_cache_alloc+0x5b/0x310
[ 1073.440453]  __kernfs_new_node+0xd4/0x860
[ 1073.441038]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1073.441704]  ? find_held_lock+0x2c/0x110
[ 1073.442277]  ? kernfs_add_one+0x36e/0x4d0
[ 1073.442851]  ? lock_downgrade+0x6d0/0x6d0
[ 1073.443426]  kernfs_new_node+0x18d/0x250
[ 1073.444007]  __kernfs_create_file+0x51/0x350
[ 1073.444635]  sysfs_add_file_mode_ns+0x221/0x560
[ 1073.445287]  internal_create_group+0x324/0xb30
[ 1073.445933]  ? sysfs_remove_group+0x170/0x170
[ 1073.446566]  ? kernfs_create_dir_ns+0x10b/0x160
[ 1073.447224]  ? sysfs_create_dir_ns+0x139/0x290
08:21:20 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x8004000000000000, 0x0, 0x0, &(0x7f0000000180))

08:21:20 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xedc0, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:20 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 29)

[ 1073.447850]  ? sysfs_create_dir_ns+0x177/0x290
[ 1073.448618]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1073.449303]  internal_create_groups.part.0+0x90/0x140
[ 1073.450019]  sysfs_create_groups+0x25/0x50
[ 1073.450610]  kobject_add_internal+0x550/0xa30
[ 1073.451251]  kobject_init_and_add+0x101/0x160
[ 1073.451881]  ? kobject_create_and_add+0xb0/0xb0
[ 1073.452547]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1073.453286]  netif_set_real_num_rx_queues+0x165/0x210
[ 1073.454009]  tun_attach.isra.0+0x662/0x1760
[ 1073.454492]  __tun_chr_ioctl+0x173c/0x3f40
[ 1073.455086]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1073.455771]  ? tun_chr_poll+0x700/0x700
[ 1073.456337]  ? wait_for_completion_io+0x270/0x270
[ 1073.457028]  ? selinux_file_ioctl+0xb6/0x270
[ 1073.457647]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1073.458229] FAULT_INJECTION: forcing a failure.
[ 1073.458229] name failslab, interval 1, probability 0, space 0, times 0
[ 1073.458284]  __x64_sys_ioctl+0x19a/0x210
[ 1073.460681]  do_syscall_64+0x33/0x40
[ 1073.461082]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1073.461628] RIP: 0033:0x7f6888bfdb19
[ 1073.462026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1073.463994] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1073.464815] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1073.465573] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1073.466331] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1073.467090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1073.467849] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1073.468642] CPU: 0 PID: 8868 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1073.469802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1073.471177] Call Trace:
[ 1073.471626]  dump_stack+0x107/0x167
[ 1073.472247]  should_fail.cold+0x5/0xa
[ 1073.472890]  should_failslab+0x5/0x20
[ 1073.473523]  __kmalloc_track_caller+0x79/0x370
[ 1073.474287]  ? match_number+0xaf/0x1d0
[ 1073.474396] kobject_add_internal failed for rx-1 (error: -12 parent: queues)
[ 1073.474929]  ? match_token+0x31b/0x570
[ 1073.474951]  kmemdup_nul+0x2d/0xa0
[ 1073.474969]  match_number+0xaf/0x1d0
[ 1073.477547]  ? match_u64+0x190/0x190
[ 1073.478178]  ? p9_client_create+0x57c/0x1230
[ 1073.478914]  ? kfree+0xd7/0x340
[ 1073.479463]  ? do_raw_spin_unlock+0x4f/0x220
[ 1073.480199]  p9_client_create+0x667/0x1230
[ 1073.480913]  ? p9_client_flush+0x430/0x430
[ 1073.481621]  ? trace_hardirqs_on+0x5b/0x180
[ 1073.482350]  ? lockdep_init_map_type+0x2c7/0x780
[ 1073.483155]  ? __raw_spin_lock_init+0x36/0x110
[ 1073.483929]  v9fs_session_init+0x1dd/0x1680
[ 1073.484665]  ? lock_release+0x680/0x680
[ 1073.485344]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1073.486155]  ? v9fs_show_options+0x690/0x690
[ 1073.486900]  ? trace_hardirqs_on+0x5b/0x180
[ 1073.487625]  ? kasan_unpoison_shadow+0x33/0x50
[ 1073.488400]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1073.489269]  v9fs_mount+0x79/0x8f0
[ 1073.489870]  ? v9fs_write_inode+0x60/0x60
[ 1073.490572]  legacy_get_tree+0x105/0x220
[ 1073.491266]  vfs_get_tree+0x8e/0x300
[ 1073.491894]  path_mount+0x1429/0x2120
[ 1073.492555]  ? strncpy_from_user+0x9e/0x470
[ 1073.493280]  ? finish_automount+0xa90/0xa90
[ 1073.494012]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1073.494799]  ? _copy_from_user+0xfb/0x1b0
[ 1073.495506]  __x64_sys_mount+0x282/0x300
[ 1073.496189]  ? copy_mnt_ns+0xa00/0xa00
[ 1073.496850]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1073.497748]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1073.498628]  do_syscall_64+0x33/0x40
[ 1073.499280]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1073.500150] RIP: 0033:0x7fd019574b19
[ 1073.500792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1073.503923] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1073.505222] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1073.506425] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1073.507642] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1073.508851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1073.510076] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:21:20 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x500, 0x0, &(0x7f0000000180))

[ 1073.551463] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=8852 comm=syz-executor.0
08:21:20 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 48)

08:21:20 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x80000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1073.588157] FAULT_INJECTION: forcing a failure.
[ 1073.588157] name failslab, interval 1, probability 0, space 0, times 0
[ 1073.589513] CPU: 1 PID: 9050 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1073.590244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1073.591128] Call Trace:
[ 1073.591415]  dump_stack+0x107/0x167
[ 1073.591806]  should_fail.cold+0x5/0xa
[ 1073.592219]  ? create_object.isra.0+0x3a/0xa20
[ 1073.592717]  should_failslab+0x5/0x20
[ 1073.593125]  kmem_cache_alloc+0x5b/0x310
[ 1073.593561]  create_object.isra.0+0x3a/0xa20
[ 1073.594029]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1073.594571]  kmem_cache_alloc+0x159/0x310
[ 1073.595020]  __kernfs_new_node+0xd4/0x860
[ 1073.595471]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1073.595982]  ? find_held_lock+0x2c/0x110
[ 1073.596425]  ? kernfs_add_one+0x36e/0x4d0
[ 1073.596870]  ? lock_downgrade+0x6d0/0x6d0
[ 1073.597318]  kernfs_new_node+0x18d/0x250
[ 1073.597780]  __kernfs_create_file+0x51/0x350
[ 1073.598263]  sysfs_add_file_mode_ns+0x221/0x560
[ 1073.598808]  internal_create_group+0x324/0xb30
[ 1073.599302]  ? sysfs_remove_group+0x170/0x170
[ 1073.599814]  ? kernfs_create_dir_ns+0x10b/0x160
[ 1073.600314]  ? sysfs_create_dir_ns+0x139/0x290
[ 1073.600840]  ? sysfs_create_dir_ns+0x177/0x290
[ 1073.601366]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1073.601926]  internal_create_groups.part.0+0x90/0x140
[ 1073.602526]  sysfs_create_groups+0x25/0x50
[ 1073.603013]  kobject_add_internal+0x550/0xa30
[ 1073.603538]  kobject_init_and_add+0x101/0x160
[ 1073.604048]  ? kobject_create_and_add+0xb0/0xb0
[ 1073.604597]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1073.605160]  netif_set_real_num_rx_queues+0x165/0x210
[ 1073.605763]  tun_attach.isra.0+0x662/0x1760
[ 1073.606279]  __tun_chr_ioctl+0x173c/0x3f40
[ 1073.606762]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1073.607324]  ? tun_chr_poll+0x700/0x700
[ 1073.607782]  ? wait_for_completion_io+0x270/0x270
[ 1073.608343]  ? selinux_file_ioctl+0xb6/0x270
[ 1073.608827]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1073.609342]  __x64_sys_ioctl+0x19a/0x210
[ 1073.609780]  do_syscall_64+0x33/0x40
[ 1073.610216]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1073.610764] RIP: 0033:0x7f6888bfdb19
[ 1073.611194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1073.613165] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1073.613975] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1073.614736] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1073.615496] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1073.616257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1073.617096] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:21:20 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x8cffffff00000000, 0x0, 0x0, &(0x7f0000000180))

08:21:20 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x600, 0x0, &(0x7f0000000180))

08:21:20 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, 0x0)
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:20 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 30)

08:21:20 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xe0ffff, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1073.776621] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=9199 comm=syz-executor.0
[ 1073.801766] FAULT_INJECTION: forcing a failure.
[ 1073.801766] name failslab, interval 1, probability 0, space 0, times 0
[ 1073.803890] CPU: 0 PID: 9291 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1073.805049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1073.806462] Call Trace:
[ 1073.806914]  dump_stack+0x107/0x167
[ 1073.807528]  should_fail.cold+0x5/0xa
[ 1073.808182]  should_failslab+0x5/0x20
[ 1073.808831]  __kmalloc_track_caller+0x79/0x370
[ 1073.809597]  ? match_number+0xaf/0x1d0
[ 1073.810249]  kmemdup_nul+0x2d/0xa0
[ 1073.810847]  match_number+0xaf/0x1d0
[ 1073.811468]  ? match_u64+0x190/0x190
[ 1073.812091]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1073.812909]  ? memcpy+0x39/0x60
[ 1073.813475]  parse_opts.part.0+0x1f3/0x340
[ 1073.814189]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1073.814945]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1073.815828]  ? trace_hardirqs_on+0x5b/0x180
[ 1073.816567]  ? kfree+0xd7/0x340
[ 1073.817124]  p9_fd_create+0x98/0x4a0
[ 1073.817746]  ? p9_conn_create+0x510/0x510
[ 1073.818446]  ? p9_client_create+0x798/0x1230
[ 1073.819190]  ? kfree+0xd7/0x340
[ 1073.819749]  ? do_raw_spin_unlock+0x4f/0x220
[ 1073.820503]  p9_client_create+0x7ff/0x1230
[ 1073.821227]  ? p9_client_flush+0x430/0x430
[ 1073.821941]  ? trace_hardirqs_on+0x5b/0x180
[ 1073.822667]  ? lockdep_init_map_type+0x2c7/0x780
[ 1073.823468]  ? __raw_spin_lock_init+0x36/0x110
[ 1073.824246]  v9fs_session_init+0x1dd/0x1680
[ 1073.824977]  ? lock_release+0x680/0x680
[ 1073.825650]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1073.826476]  ? v9fs_show_options+0x690/0x690
[ 1073.827225]  ? trace_hardirqs_on+0x5b/0x180
[ 1073.827947]  ? kasan_unpoison_shadow+0x33/0x50
[ 1073.828726]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1073.829575]  v9fs_mount+0x79/0x8f0
[ 1073.830177]  ? v9fs_write_inode+0x60/0x60
[ 1073.830878]  legacy_get_tree+0x105/0x220
[ 1073.831566]  vfs_get_tree+0x8e/0x300
[ 1073.832188]  path_mount+0x1429/0x2120
[ 1073.832838]  ? strncpy_from_user+0x9e/0x470
[ 1073.833580]  ? finish_automount+0xa90/0xa90
[ 1073.834308]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1073.835083]  ? _copy_from_user+0xfb/0x1b0
[ 1073.835779]  __x64_sys_mount+0x282/0x300
[ 1073.836476]  ? copy_mnt_ns+0xa00/0xa00
[ 1073.837142]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1073.838023]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1073.838899]  do_syscall_64+0x33/0x40
[ 1073.839522]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1073.840385] RIP: 0033:0x7fd019574b19
[ 1073.841023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1073.844117] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1073.845406] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1073.846611] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1073.847817] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1073.849035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1073.850257] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1073.862689] 9pnet: Insufficient options for proto=fd
[ 1090.567238] FAULT_INJECTION: forcing a failure.
[ 1090.567238] name failslab, interval 1, probability 0, space 0, times 0
[ 1090.569709] CPU: 0 PID: 9415 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1090.571136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1090.572898] Call Trace:
[ 1090.573451]  dump_stack+0x107/0x167
[ 1090.574220]  should_fail.cold+0x5/0xa
[ 1090.575032]  ? create_object.isra.0+0x3a/0xa20
[ 1090.576000]  should_failslab+0x5/0x20
08:21:37 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, 0x0, &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:21:37 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x601, 0x0, &(0x7f0000000180))

[ 1090.576814]  kmem_cache_alloc+0x5b/0x310
[ 1090.577988]  create_object.isra.0+0x3a/0xa20
[ 1090.578906]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1090.579981]  __kmalloc_track_caller+0x177/0x370
[ 1090.580972]  ? match_number+0xaf/0x1d0
[ 1090.581797]  kmemdup_nul+0x2d/0xa0
[ 1090.582550]  match_number+0xaf/0x1d0
[ 1090.583335]  ? match_u64+0x190/0x190
[ 1090.584117]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1090.585128]  ? memcpy+0x39/0x60
[ 1090.585819]  parse_opts.part.0+0x1f3/0x340
[ 1090.586719]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1090.587677]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1090.588781]  ? trace_hardirqs_on+0x5b/0x180
[ 1090.589689]  ? kfree+0xd7/0x340
[ 1090.590392]  p9_fd_create+0x98/0x4a0
[ 1090.591167]  ? p9_conn_create+0x510/0x510
[ 1090.592031]  ? p9_client_create+0x798/0x1230
[ 1090.592992]  ? kfree+0xd7/0x340
[ 1090.593139] 9pnet: Insufficient options for proto=fd
[ 1090.593685]  ? do_raw_spin_unlock+0x4f/0x220
[ 1090.593717]  p9_client_create+0x7ff/0x1230
[ 1090.596580]  ? p9_client_flush+0x430/0x430
[ 1090.597474]  ? trace_hardirqs_on+0x5b/0x180
[ 1090.598391]  ? lockdep_init_map_type+0x2c7/0x780
[ 1090.599384]  ? __raw_spin_lock_init+0x36/0x110
[ 1090.600360]  v9fs_session_init+0x1dd/0x1680
[ 1090.601264]  ? lock_release+0x680/0x680
[ 1090.602120]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1090.603132]  ? v9fs_show_options+0x690/0x690
[ 1090.604062]  ? trace_hardirqs_on+0x5b/0x180
[ 1090.604985]  ? kasan_unpoison_shadow+0x33/0x50
[ 1090.605947]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1090.607031]  v9fs_mount+0x79/0x8f0
[ 1090.607774]  ? v9fs_write_inode+0x60/0x60
[ 1090.608663]  legacy_get_tree+0x105/0x220
[ 1090.609525]  vfs_get_tree+0x8e/0x300
[ 1090.610313]  path_mount+0x1429/0x2120
[ 1090.611120]  ? strncpy_from_user+0x9e/0x470
[ 1090.612025]  ? finish_automount+0xa90/0xa90
[ 1090.612936]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1090.613920]  ? _copy_from_user+0xfb/0x1b0
[ 1090.614789]  __x64_sys_mount+0x282/0x300
[ 1090.615645]  ? copy_mnt_ns+0xa00/0xa00
[ 1090.616465]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1090.617569]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1090.618661]  do_syscall_64+0x33/0x40
[ 1090.619442]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1090.620514] RIP: 0033:0x7fd019574b19
[ 1090.621301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1090.625216] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1090.626822] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1090.628340] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1090.629873] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1090.631396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1090.632918] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1090.636748] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=9422 comm=syz-executor.0
08:21:37 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x1000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, 0x0)
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:37 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xf002000000000000, 0x0, 0x0, &(0x7f0000000180))

08:21:37 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 49)

08:21:37 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 31)

08:21:37 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:37 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1090.668264] FAULT_INJECTION: forcing a failure.
[ 1090.668264] name failslab, interval 1, probability 0, space 0, times 0
[ 1090.670668] CPU: 0 PID: 9432 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1090.672112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1090.673863] Call Trace:
[ 1090.674422]  dump_stack+0x107/0x167
[ 1090.675197]  should_fail.cold+0x5/0xa
[ 1090.676005]  ? create_object.isra.0+0x3a/0xa20
[ 1090.676982]  should_failslab+0x5/0x20
[ 1090.677785]  kmem_cache_alloc+0x5b/0x310
[ 1090.678648]  create_object.isra.0+0x3a/0xa20
[ 1090.679572]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1090.680657]  kmem_cache_alloc+0x159/0x310
[ 1090.681537]  __kernfs_new_node+0xd4/0x860
[ 1090.682409]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1090.683388]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1090.684403]  ? wait_for_completion_io+0x270/0x270
[ 1090.685427]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1090.686526]  kernfs_new_node+0x18d/0x250
[ 1090.687399]  __kernfs_create_file+0x51/0x350
[ 1090.688476]  sysfs_add_file_mode_ns+0x221/0x560
[ 1090.689569]  internal_create_group+0x324/0xb30
[ 1090.690651]  ? sysfs_remove_group+0x170/0x170
[ 1090.691722]  ? kernfs_create_dir_ns+0x10b/0x160
[ 1090.692724]  ? sysfs_create_dir_ns+0x139/0x290
[ 1090.693686]  ? sysfs_create_dir_ns+0x177/0x290
[ 1090.694649]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1090.695679]  internal_create_groups.part.0+0x90/0x140
[ 1090.696792]  sysfs_create_groups+0x25/0x50
[ 1090.697682]  kobject_add_internal+0x550/0xa30
[ 1090.698731]  kobject_init_and_add+0x101/0x160
[ 1090.699876]  ? kobject_create_and_add+0xb0/0xb0
[ 1090.700906]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1090.702005]  netif_set_real_num_rx_queues+0x165/0x210
[ 1090.703095]  tun_attach.isra.0+0x662/0x1760
[ 1090.704024]  __tun_chr_ioctl+0x173c/0x3f40
[ 1090.704307] 9pnet: Insufficient options for proto=fd
[ 1090.704932]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1090.704949]  ? tun_chr_poll+0x700/0x700
[ 1090.704975]  ? wait_for_completion_io+0x270/0x270
[ 1090.709134]  ? selinux_file_ioctl+0xb6/0x270
[ 1090.710328]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1090.711474]  __x64_sys_ioctl+0x19a/0x210
[ 1090.712536]  do_syscall_64+0x33/0x40
[ 1090.713516]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1090.714841] RIP: 0033:0x7f6888bfdb19
[ 1090.715811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1090.720617] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1090.722594] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1090.724474] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1090.726353] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1090.728210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1090.730067] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:21:38 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x700, 0x0, &(0x7f0000000180))

08:21:38 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:38 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xfeffffff00000000, 0x0, 0x0, &(0x7f0000000180))

08:21:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, 0x0)
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:38 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xa00, 0x0, &(0x7f0000000180))

08:21:38 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x3000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1090.981368] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=9634 comm=syz-executor.0
[ 1091.002375] 9pnet: Insufficient options for proto=fd
[ 1104.260394] FAULT_INJECTION: forcing a failure.
[ 1104.260394] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.261854] CPU: 0 PID: 9778 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1104.262679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1104.263685] Call Trace:
[ 1104.264008]  dump_stack+0x107/0x167
[ 1104.264448]  should_fail.cold+0x5/0xa
[ 1104.264920]  should_failslab+0x5/0x20
[ 1104.265378]  __kmalloc_track_caller+0x79/0x370
[ 1104.265932]  ? match_number+0xaf/0x1d0
[ 1104.266406]  ? kfree+0xd7/0x340
[ 1104.266804]  kmemdup_nul+0x2d/0xa0
[ 1104.267237]  match_number+0xaf/0x1d0
[ 1104.267684]  ? match_u64+0x190/0x190
[ 1104.268142]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1104.268716]  ? memcpy+0x39/0x60
[ 1104.269119]  parse_opts.part.0+0x1f3/0x340
[ 1104.269622]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1104.270166]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1104.270789]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.271308]  ? kfree+0xd7/0x340
[ 1104.271705]  p9_fd_create+0x98/0x4a0
[ 1104.272154]  ? p9_conn_create+0x510/0x510
[ 1104.272653]  ? p9_client_create+0x798/0x1230
[ 1104.273193]  ? kfree+0xd7/0x340
[ 1104.273584]  ? do_raw_spin_unlock+0x4f/0x220
[ 1104.274113]  p9_client_create+0x7ff/0x1230
[ 1104.274621]  ? p9_client_flush+0x430/0x430
[ 1104.275127]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.275644]  ? lockdep_init_map_type+0x2c7/0x780
[ 1104.276216]  ? __raw_spin_lock_init+0x36/0x110
[ 1104.276771]  v9fs_session_init+0x1dd/0x1680
[ 1104.277300]  ? lock_release+0x680/0x680
[ 1104.277780]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1104.278359]  ? v9fs_show_options+0x690/0x690
[ 1104.278887]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.279405]  ? kasan_unpoison_shadow+0x33/0x50
[ 1104.279953]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1104.280182] FAULT_INJECTION: forcing a failure.
[ 1104.280182] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.280572]  v9fs_mount+0x79/0x8f0
[ 1104.283323]  ? v9fs_write_inode+0x60/0x60
[ 1104.283820]  legacy_get_tree+0x105/0x220
[ 1104.284308]  vfs_get_tree+0x8e/0x300
[ 1104.284761]  path_mount+0x1429/0x2120
[ 1104.285227]  ? strncpy_from_user+0x9e/0x470
[ 1104.285739]  ? finish_automount+0xa90/0xa90
[ 1104.286261]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1104.286816]  ? _copy_from_user+0xfb/0x1b0
[ 1104.287316]  __x64_sys_mount+0x282/0x300
[ 1104.287799]  ? copy_mnt_ns+0xa00/0xa00
[ 1104.288269]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1104.288900]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1104.289512]  do_syscall_64+0x33/0x40
[ 1104.289957]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1104.290564] RIP: 0033:0x7fd019574b19
[ 1104.291007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1104.293207] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1104.294124] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1104.294977] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1104.295823] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1104.296670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1104.297531] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1104.298406] CPU: 1 PID: 9771 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1104.298457] 9pnet: Insufficient options for proto=fd
[ 1104.299868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1104.299876] Call Trace:
[ 1104.299905]  dump_stack+0x107/0x167
[ 1104.303513]  should_fail.cold+0x5/0xa
[ 1104.304322]  ? create_object.isra.0+0x3a/0xa20
[ 1104.305288]  should_failslab+0x5/0x20
[ 1104.306091]  kmem_cache_alloc+0x5b/0x310
[ 1104.306951]  create_object.isra.0+0x3a/0xa20
[ 1104.307868]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1104.308946]  kmem_cache_alloc+0x159/0x310
[ 1104.309827]  __kernfs_new_node+0xd4/0x860
[ 1104.310713]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1104.311714]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1104.312739]  ? wait_for_completion_io+0x270/0x270
[ 1104.313777]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1104.314888]  kernfs_new_node+0x18d/0x250
[ 1104.315742]  __kernfs_create_file+0x51/0x350
[ 1104.316678]  sysfs_add_file_mode_ns+0x221/0x560
[ 1104.317678]  internal_create_group+0x324/0xb30
[ 1104.318653]  ? sysfs_remove_group+0x170/0x170
[ 1104.319593]  ? kernfs_create_dir_ns+0x10b/0x160
[ 1104.320574]  ? sysfs_create_dir_ns+0x139/0x290
[ 1104.321546]  ? sysfs_create_dir_ns+0x177/0x290
[ 1104.322509]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1104.323532]  internal_create_groups.part.0+0x90/0x140
[ 1104.324619]  sysfs_create_groups+0x25/0x50
[ 1104.325528]  kobject_add_internal+0x550/0xa30
[ 1104.326493]  kobject_init_and_add+0x101/0x160
[ 1104.327446]  ? kobject_create_and_add+0xb0/0xb0
[ 1104.328457]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1104.329574]  netif_set_real_num_rx_queues+0x165/0x210
[ 1104.330664]  tun_attach.isra.0+0x662/0x1760
[ 1104.331598]  __tun_chr_ioctl+0x173c/0x3f40
[ 1104.332488]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1104.333502]  ? tun_chr_poll+0x700/0x700
[ 1104.334338]  ? wait_for_completion_io+0x270/0x270
[ 1104.335362]  ? selinux_file_ioctl+0xb6/0x270
[ 1104.336287]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1104.337243]  __x64_sys_ioctl+0x19a/0x210
[ 1104.338098]  do_syscall_64+0x33/0x40
[ 1104.338890]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1104.339961] RIP: 0033:0x7f6888bfdb19
[ 1104.340748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1104.344620] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1104.346231] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1104.347724] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1104.349233] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1104.350737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1104.352238] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1104.367710] 9pnet: Insufficient options for proto=fd
08:21:51 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 50)

08:21:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0xffffffff00000000, 0x0, 0x0, &(0x7f0000000180))

08:21:51 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, 0x0, &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:21:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x4000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4000, 0x0, &(0x7f0000000180))

08:21:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 32)

08:21:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4800, 0x0, &(0x7f0000000180))

[ 1104.432714] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=9949 comm=syz-executor.0
08:21:51 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2, 0x0, &(0x7f0000000180))

08:21:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x48, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x5000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:21:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:21:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 33)

[ 1104.515332] 9pnet: Insufficient options for proto=fd
08:21:51 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4c00, 0x0, &(0x7f0000000180))

08:21:51 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 51)

[ 1104.563926] FAULT_INJECTION: forcing a failure.
[ 1104.563926] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.567071] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=10121 comm=syz-executor.0
[ 1104.570353] CPU: 1 PID: 10169 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1104.571809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1104.573581] Call Trace:
[ 1104.574151]  dump_stack+0x107/0x167
[ 1104.574918]  should_fail.cold+0x5/0xa
[ 1104.575717]  ? create_object.isra.0+0x3a/0xa20
[ 1104.576691]  should_failslab+0x5/0x20
[ 1104.577507]  kmem_cache_alloc+0x5b/0x310
[ 1104.578366]  create_object.isra.0+0x3a/0xa20
[ 1104.579283]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1104.580363]  __kmalloc_track_caller+0x177/0x370
[ 1104.581347]  ? match_number+0xaf/0x1d0
[ 1104.582177]  kmemdup_nul+0x2d/0xa0
[ 1104.582928]  match_number+0xaf/0x1d0
[ 1104.583709]  ? match_u64+0x190/0x190
[ 1104.584497]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1104.585520]  ? memcpy+0x39/0x60
[ 1104.586224]  parse_opts.part.0+0x1f3/0x340
[ 1104.587116]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1104.588063]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1104.589176]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.590085]  ? kfree+0xd7/0x340
[ 1104.590780]  p9_fd_create+0x98/0x4a0
[ 1104.591564]  ? p9_conn_create+0x510/0x510
[ 1104.592435]  ? p9_client_create+0x798/0x1230
[ 1104.593369]  ? kfree+0xd7/0x340
[ 1104.594059]  ? do_raw_spin_unlock+0x4f/0x220
[ 1104.594986]  p9_client_create+0x7ff/0x1230
[ 1104.595885]  ? p9_client_flush+0x430/0x430
[ 1104.596781]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.597698]  ? lockdep_init_map_type+0x2c7/0x780
[ 1104.598695]  ? __raw_spin_lock_init+0x36/0x110
[ 1104.599671]  v9fs_session_init+0x1dd/0x1680
[ 1104.600578]  ? lock_release+0x680/0x680
08:21:51 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1104.601432]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1104.602603]  ? v9fs_show_options+0x690/0x690
[ 1104.603528]  ? trace_hardirqs_on+0x5b/0x180
[ 1104.604430]  ? kasan_unpoison_shadow+0x33/0x50
[ 1104.605400]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1104.606477]  v9fs_mount+0x79/0x8f0
[ 1104.607225]  ? v9fs_write_inode+0x60/0x60
[ 1104.608098]  legacy_get_tree+0x105/0x220
[ 1104.608963]  vfs_get_tree+0x8e/0x300
[ 1104.609733]  path_mount+0x1429/0x2120
[ 1104.610532]  ? strncpy_from_user+0x9e/0x470
[ 1104.611431]  ? finish_automount+0xa90/0xa90
[ 1104.612336]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1104.613329]  ? _copy_from_user+0xfb/0x1b0
[ 1104.614210]  __x64_sys_mount+0x282/0x300
[ 1104.615048]  ? copy_mnt_ns+0xa00/0xa00
[ 1104.615864]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1104.616970]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1104.618050]  do_syscall_64+0x33/0x40
[ 1104.618830]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1104.619909] RIP: 0033:0x7fd019574b19
[ 1104.620688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1104.624548] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1104.626162] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1104.627656] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1104.629154] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1104.630665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1104.632146] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1104.745396] FAULT_INJECTION: forcing a failure.
[ 1104.745396] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1104.747938] CPU: 1 PID: 10426 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1104.749402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1104.751135] Call Trace:
[ 1104.751695]  dump_stack+0x107/0x167
[ 1104.752456]  should_fail.cold+0x5/0xa
[ 1104.753273]  __alloc_pages_nodemask+0x182/0x600
[ 1104.754250]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1104.755525]  alloc_pages_current+0x187/0x280
[ 1104.756453]  allocate_slab+0x26f/0x380
[ 1104.757277]  ___slab_alloc+0x470/0x700
[ 1104.758096]  ? __kernfs_new_node+0xd4/0x860
[ 1104.759007]  ? __kernfs_new_node+0xd4/0x860
[ 1104.759914]  ? kmem_cache_alloc+0x301/0x310
[ 1104.761016]  kmem_cache_alloc+0x301/0x310
[ 1104.761884]  __kernfs_new_node+0xd4/0x860
[ 1104.762755]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1104.763754]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1104.764775]  ? wait_for_completion_io+0x270/0x270
[ 1104.765794]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1104.766900]  kernfs_new_node+0x18d/0x250
[ 1104.767756]  __kernfs_create_file+0x51/0x350
[ 1104.768682]  sysfs_add_file_mode_ns+0x221/0x560
[ 1104.769658]  internal_create_group+0x324/0xb30
[ 1104.770622]  ? sysfs_remove_group+0x170/0x170
[ 1104.771558]  ? kernfs_create_dir_ns+0x10b/0x160
[ 1104.772538]  ? sysfs_create_dir_ns+0x139/0x290
[ 1104.773505]  ? sysfs_create_dir_ns+0x177/0x290
[ 1104.774452]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1104.775467]  internal_create_groups.part.0+0x90/0x140
[ 1104.776555]  sysfs_create_groups+0x25/0x50
[ 1104.777446]  kobject_add_internal+0x550/0xa30
[ 1104.778400]  kobject_init_and_add+0x101/0x160
[ 1104.779325]  ? kobject_create_and_add+0xb0/0xb0
[ 1104.780329]  net_rx_queue_update_kobjects+0x1d4/0x480
[ 1104.781434]  netif_set_real_num_rx_queues+0x165/0x210
[ 1104.782519]  tun_attach.isra.0+0x662/0x1760
[ 1104.783443]  __tun_chr_ioctl+0x173c/0x3f40
[ 1104.784335]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1104.785353]  ? tun_chr_poll+0x700/0x700
[ 1104.786183]  ? wait_for_completion_io+0x270/0x270
[ 1104.787202]  ? selinux_file_ioctl+0xb6/0x270
[ 1104.788122]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1104.789069]  __x64_sys_ioctl+0x19a/0x210
[ 1104.789919]  do_syscall_64+0x33/0x40
[ 1104.790705]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1104.791780] RIP: 0033:0x7f6888bfdb19
[ 1104.792557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1104.796439] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1104.798041] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1104.799555] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1104.801059] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1104.802558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1104.804054] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:22:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 52)

08:22:07 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x6000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:07 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6800, 0x0, &(0x7f0000000180))

08:22:07 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x3, 0x0, &(0x7f0000000180))

08:22:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:07 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x68, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:07 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 34)

08:22:07 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1120.164608] FAULT_INJECTION: forcing a failure.
[ 1120.164608] name failslab, interval 1, probability 0, space 0, times 0
[ 1120.166978] 9pnet: Insufficient options for proto=fd
[ 1120.168181] CPU: 0 PID: 10450 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1120.169659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1120.171412] Call Trace:
[ 1120.171970]  dump_stack+0x107/0x167
[ 1120.172737]  should_fail.cold+0x5/0xa
[ 1120.173553]  ? p9_fd_create+0x161/0x4a0
[ 1120.174399]  should_failslab+0x5/0x20
[ 1120.175207]  kmem_cache_alloc_trace+0x55/0x320
[ 1120.176179]  p9_fd_create+0x161/0x4a0
[ 1120.176992]  ? p9_conn_create+0x510/0x510
[ 1120.177865]  ? p9_client_create+0x798/0x1230
[ 1120.178798]  ? kfree+0xd7/0x340
[ 1120.179290] FAULT_INJECTION: forcing a failure.
[ 1120.179290] name failslab, interval 1, probability 0, space 0, times 0
[ 1120.179491]  ? do_raw_spin_unlock+0x4f/0x220
[ 1120.179520]  p9_client_create+0x7ff/0x1230
[ 1120.183653]  ? p9_client_flush+0x430/0x430
[ 1120.184549]  ? trace_hardirqs_on+0x5b/0x180
[ 1120.185477]  ? lockdep_init_map_type+0x2c7/0x780
[ 1120.186477]  ? __raw_spin_lock_init+0x36/0x110
[ 1120.187453]  v9fs_session_init+0x1dd/0x1680
[ 1120.188364]  ? lock_release+0x680/0x680
[ 1120.189230]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1120.190247]  ? v9fs_show_options+0x690/0x690
[ 1120.191187]  ? trace_hardirqs_on+0x5b/0x180
[ 1120.192098]  ? kasan_unpoison_shadow+0x33/0x50
[ 1120.193084]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1120.194166]  v9fs_mount+0x79/0x8f0
[ 1120.194922]  ? v9fs_write_inode+0x60/0x60
[ 1120.195795]  legacy_get_tree+0x105/0x220
[ 1120.196654]  vfs_get_tree+0x8e/0x300
[ 1120.197454]  path_mount+0x1429/0x2120
[ 1120.198260]  ? strncpy_from_user+0x9e/0x470
[ 1120.199169]  ? finish_automount+0xa90/0xa90
[ 1120.200084]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1120.201077]  ? _copy_from_user+0xfb/0x1b0
[ 1120.201960]  __x64_sys_mount+0x282/0x300
[ 1120.202812]  ? copy_mnt_ns+0xa00/0xa00
[ 1120.203642]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1120.204755]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1120.205843]  do_syscall_64+0x33/0x40
[ 1120.206635]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1120.207718] RIP: 0033:0x7fd019574b19
[ 1120.208508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1120.212424] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1120.214058] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1120.215579] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1120.217131] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1120.218644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1120.220161] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1120.221700] CPU: 1 PID: 10446 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1120.223169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1120.224906] Call Trace:
[ 1120.225474]  dump_stack+0x107/0x167
[ 1120.226249]  should_fail.cold+0x5/0xa
[ 1120.227050]  ? create_object.isra.0+0x3a/0xa20
[ 1120.228008]  should_failslab+0x5/0x20
[ 1120.228808]  kmem_cache_alloc+0x5b/0x310
[ 1120.229676]  create_object.isra.0+0x3a/0xa20
[ 1120.230596]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1120.231663]  kmem_cache_alloc_trace+0x151/0x320
[ 1120.232652]  kobject_uevent_env+0x22b/0xfd0
[ 1120.233583]  net_rx_queue_update_kobjects+0xef/0x480
[ 1120.234787]  netif_set_real_num_rx_queues+0x165/0x210
[ 1120.235975]  tun_attach.isra.0+0x662/0x1760
[ 1120.236905]  __tun_chr_ioctl+0x173c/0x3f40
[ 1120.237810]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1120.238831]  ? tun_chr_poll+0x700/0x700
[ 1120.239670]  ? wait_for_completion_io+0x270/0x270
[ 1120.240696]  ? selinux_file_ioctl+0xb6/0x270
[ 1120.241635]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1120.242583]  __x64_sys_ioctl+0x19a/0x210
[ 1120.243446]  do_syscall_64+0x33/0x40
[ 1120.244235]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1120.245305] RIP: 0033:0x7f6888bfdb19
[ 1120.246091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1120.249300] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=10455 comm=syz-executor.0
[ 1120.249948] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1120.249969] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1120.249980] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1120.249998] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1120.258695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1120.260191] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:22:07 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4, 0x0, &(0x7f0000000180))

08:22:07 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6c00, 0x0, &(0x7f0000000180))

08:22:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:07 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:07 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x7000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:07 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7400, 0x0, &(0x7f0000000180))

[ 1120.429296] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=10668 comm=syz-executor.0
08:22:07 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x5, 0x0, &(0x7f0000000180))

[ 1120.458237] 9pnet: Insufficient options for proto=fd
08:22:07 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:22:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 35)

08:22:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7a00, 0x0, &(0x7f0000000180))

08:22:22 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 53)

08:22:22 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6, 0x0, &(0x7f0000000180))

08:22:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440))
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1135.414990] 9pnet: Insufficient options for proto=fd
[ 1135.425519] FAULT_INJECTION: forcing a failure.
[ 1135.425519] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.428081] CPU: 1 PID: 10895 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1135.429574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1135.431330] Call Trace:
[ 1135.431905]  dump_stack+0x107/0x167
[ 1135.432689]  should_fail.cold+0x5/0xa
[ 1135.433525]  ? create_object.isra.0+0x3a/0xa20
[ 1135.434517]  should_failslab+0x5/0x20
[ 1135.435334]  kmem_cache_alloc+0x5b/0x310
[ 1135.436215]  create_object.isra.0+0x3a/0xa20
[ 1135.437166]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1135.438265]  kmem_cache_alloc_trace+0x151/0x320
[ 1135.439273]  kobject_uevent_env+0x22b/0xfd0
[ 1135.440222]  net_rx_queue_update_kobjects+0xef/0x480
[ 1135.441341]  netif_set_real_num_rx_queues+0x165/0x210
[ 1135.442440]  tun_attach.isra.0+0x662/0x1760
[ 1135.443378]  __tun_chr_ioctl+0x173c/0x3f40
[ 1135.444288]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1135.445317]  ? tun_chr_poll+0x700/0x700
[ 1135.446164]  ? wait_for_completion_io+0x270/0x270
[ 1135.447205]  ? selinux_file_ioctl+0xb6/0x270
[ 1135.448143]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1135.449098]  __x64_sys_ioctl+0x19a/0x210
[ 1135.449974]  do_syscall_64+0x33/0x40
[ 1135.450765]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1135.451845] RIP: 0033:0x7f6888bfdb19
[ 1135.452631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1135.456583] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1135.458223] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1135.459719] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1135.461240] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1135.462747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1135.464258] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1135.469524] FAULT_INJECTION: forcing a failure.
[ 1135.469524] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.471946] CPU: 1 PID: 10910 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1135.473472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1135.475217] Call Trace:
[ 1135.475770]  dump_stack+0x107/0x167
[ 1135.476543]  should_fail.cold+0x5/0xa
[ 1135.477354]  ? create_object.isra.0+0x3a/0xa20
[ 1135.478319]  should_failslab+0x5/0x20
[ 1135.479123]  kmem_cache_alloc+0x5b/0x310
[ 1135.479973]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1135.481113]  create_object.isra.0+0x3a/0xa20
[ 1135.482138]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1135.482158] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=10911 comm=syz-executor.0
[ 1135.485769]  kmem_cache_alloc_trace+0x151/0x320
[ 1135.486743]  p9_fd_create+0x161/0x4a0
[ 1135.487551]  ? p9_conn_create+0x510/0x510
[ 1135.488423]  ? p9_client_create+0x798/0x1230
[ 1135.489370]  ? kfree+0xd7/0x340
[ 1135.490068]  ? do_raw_spin_unlock+0x4f/0x220
[ 1135.491005]  p9_client_create+0x7ff/0x1230
[ 1135.491908]  ? p9_client_flush+0x430/0x430
[ 1135.492794]  ? trace_hardirqs_on+0x5b/0x180
[ 1135.493717]  ? lockdep_init_map_type+0x2c7/0x780
[ 1135.494723]  ? __raw_spin_lock_init+0x36/0x110
[ 1135.495693]  v9fs_session_init+0x1dd/0x1680
[ 1135.496608]  ? lock_release+0x680/0x680
[ 1135.497465]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1135.498484]  ? v9fs_show_options+0x690/0x690
[ 1135.499423]  ? trace_hardirqs_on+0x5b/0x180
[ 1135.500335]  ? kasan_unpoison_shadow+0x33/0x50
[ 1135.501311]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1135.502397]  v9fs_mount+0x79/0x8f0
[ 1135.503148]  ? v9fs_write_inode+0x60/0x60
[ 1135.504024]  legacy_get_tree+0x105/0x220
[ 1135.504882]  vfs_get_tree+0x8e/0x300
[ 1135.505678]  path_mount+0x1429/0x2120
[ 1135.506489]  ? strncpy_from_user+0x9e/0x470
[ 1135.507400]  ? finish_automount+0xa90/0xa90
[ 1135.508340]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1135.509333]  ? _copy_from_user+0xfb/0x1b0
[ 1135.510219]  __x64_sys_mount+0x282/0x300
[ 1135.511095]  ? copy_mnt_ns+0xa00/0xa00
[ 1135.511964]  do_syscall_64+0x33/0x40
[ 1135.512750]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1135.513834] RIP: 0033:0x7fd019574b19
[ 1135.514645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1135.518590] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1135.520193] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1135.521701] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1135.523212] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1135.524717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1135.526225] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:22:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x8004, 0x0, &(0x7f0000000180))

08:22:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7, 0x0, &(0x7f0000000180))

08:22:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:22:22 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 54)

08:22:22 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xf002, 0x0, &(0x7f0000000180))

08:22:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x9000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1135.741634] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=11125 comm=syz-executor.0
[ 1135.786600] FAULT_INJECTION: forcing a failure.
[ 1135.786600] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.789236] CPU: 1 PID: 11135 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1135.790940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1135.792853] Call Trace:
[ 1135.793481]  dump_stack+0x107/0x167
[ 1135.794336]  should_fail.cold+0x5/0xa
[ 1135.795235]  ? create_object.isra.0+0x3a/0xa20
[ 1135.796303]  should_failslab+0x5/0x20
[ 1135.797255]  kmem_cache_alloc+0x5b/0x310
[ 1135.798282]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1135.799508]  create_object.isra.0+0x3a/0xa20
[ 1135.800606]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1135.801896]  __kmalloc+0x16e/0x390
[ 1135.802788]  kobject_get_path+0xc5/0x1f0
[ 1135.803813]  kobject_uevent_env+0x251/0xfd0
[ 1135.804887]  net_rx_queue_update_kobjects+0xef/0x480
[ 1135.806173]  netif_set_real_num_rx_queues+0x165/0x210
[ 1135.807436]  tun_attach.isra.0+0x662/0x1760
[ 1135.808539]  __tun_chr_ioctl+0x173c/0x3f40
[ 1135.808773] 9pnet: Insufficient options for proto=fd
[ 1135.809622]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1135.809646]  ? tun_chr_poll+0x700/0x700
[ 1135.809675]  ? wait_for_completion_io+0x270/0x270
[ 1135.814119]  ? selinux_file_ioctl+0xb6/0x270
[ 1135.815233]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1135.816326]  __x64_sys_ioctl+0x19a/0x210
[ 1135.817351]  do_syscall_64+0x33/0x40
[ 1135.818293]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1135.819568] RIP: 0033:0x7f6888bfdb19
[ 1135.820515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1135.825031] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1135.826924] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1135.828685] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1135.830460] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1135.832222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1135.833998] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:22:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="0000000000000400"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:37 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:22:37 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x20000, 0x0, &(0x7f0000000180))

08:22:37 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 55)

08:22:37 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xa000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:37 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xa, 0x0, &(0x7f0000000180))

08:22:37 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:37 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 36)

[ 1150.545421] 9pnet: Insufficient options for proto=fd
[ 1150.552371] FAULT_INJECTION: forcing a failure.
[ 1150.552371] name failslab, interval 1, probability 0, space 0, times 0
[ 1150.554823] CPU: 0 PID: 11354 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1150.556280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1150.558053] Call Trace:
[ 1150.558617]  dump_stack+0x107/0x167
[ 1150.559396]  should_fail.cold+0x5/0xa
[ 1150.560209]  ? p9_client_prepare_req.part.0+0x3a/0xac0
[ 1150.561340]  should_failslab+0x5/0x20
[ 1150.562142]  kmem_cache_alloc+0x5b/0x310
[ 1150.563007]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 1150.564092]  p9_client_rpc+0x220/0x1370
[ 1150.564463] FAULT_INJECTION: forcing a failure.
[ 1150.564463] name failslab, interval 1, probability 0, space 0, times 0
[ 1150.564940]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1150.564969]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1150.564997]  ? pipe_poll+0x21b/0x800
[ 1150.570334]  ? p9_fd_close+0x4a0/0x4a0
[ 1150.571155]  ? wait_for_partner+0x3c0/0x3c0
[ 1150.572064]  ? p9_fd_poll+0x1e0/0x2c0
[ 1150.572868]  ? p9_fd_create+0x357/0x4a0
[ 1150.573715]  ? p9_conn_create+0x510/0x510
[ 1150.574588]  ? p9_client_create+0x798/0x1230
[ 1150.575517]  ? kfree+0xd7/0x340
[ 1150.576207]  ? do_raw_spin_unlock+0x4f/0x220
[ 1150.577144]  p9_client_create+0xa76/0x1230
[ 1150.578060]  ? p9_client_flush+0x430/0x430
[ 1150.578955]  ? trace_hardirqs_on+0x5b/0x180
[ 1150.579862]  ? lockdep_init_map_type+0x2c7/0x780
[ 1150.580867]  ? __raw_spin_lock_init+0x36/0x110
[ 1150.581848]  v9fs_session_init+0x1dd/0x1680
[ 1150.582762]  ? lock_release+0x680/0x680
[ 1150.583619]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1150.584636]  ? v9fs_show_options+0x690/0x690
[ 1150.585583]  ? trace_hardirqs_on+0x5b/0x180
[ 1150.586499]  ? kasan_unpoison_shadow+0x33/0x50
[ 1150.587461]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1150.588534]  v9fs_mount+0x79/0x8f0
[ 1150.589292]  ? v9fs_write_inode+0x60/0x60
[ 1150.590173]  legacy_get_tree+0x105/0x220
[ 1150.591035]  vfs_get_tree+0x8e/0x300
[ 1150.591821]  path_mount+0x1429/0x2120
[ 1150.592636]  ? strncpy_from_user+0x9e/0x470
[ 1150.593555]  ? finish_automount+0xa90/0xa90
[ 1150.594468]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1150.595451]  ? _copy_from_user+0xfb/0x1b0
[ 1150.596337]  __x64_sys_mount+0x282/0x300
[ 1150.597194]  ? copy_mnt_ns+0xa00/0xa00
[ 1150.598029]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1150.599137]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1150.600232]  do_syscall_64+0x33/0x40
[ 1150.601022]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1150.602112] RIP: 0033:0x7fd019574b19
[ 1150.602908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1150.606793] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1150.608415] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1150.609937] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1150.611457] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1150.612974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1150.614506] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1150.616049] CPU: 1 PID: 11352 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1150.617531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1150.619289] Call Trace:
[ 1150.619859]  dump_stack+0x107/0x167
[ 1150.620631]  should_fail.cold+0x5/0xa
[ 1150.621462]  ? create_object.isra.0+0x3a/0xa20
[ 1150.622427]  should_failslab+0x5/0x20
[ 1150.623231]  kmem_cache_alloc+0x5b/0x310
[ 1150.624086]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1150.625112]  create_object.isra.0+0x3a/0xa20
[ 1150.626048]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1150.627113]  __kmalloc+0x16e/0x390
[ 1150.627869]  kobject_get_path+0xc5/0x1f0
[ 1150.628730]  kobject_uevent_env+0x251/0xfd0
[ 1150.629659]  net_rx_queue_update_kobjects+0xef/0x480
[ 1150.630742]  netif_set_real_num_rx_queues+0x165/0x210
[ 1150.631832]  tun_attach.isra.0+0x662/0x1760
[ 1150.632761]  __tun_chr_ioctl+0x173c/0x3f40
[ 1150.633666]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1150.634686]  ? tun_chr_poll+0x700/0x700
[ 1150.635528]  ? wait_for_completion_io+0x270/0x270
[ 1150.636560]  ? selinux_file_ioctl+0xb6/0x270
[ 1150.637500]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1150.638450]  __x64_sys_ioctl+0x19a/0x210
[ 1150.639312]  do_syscall_64+0x33/0x40
[ 1150.640105]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1150.641184] RIP: 0033:0x7f6888bfdb19
[ 1150.641975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1150.645881] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1150.647490] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1150.648995] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1150.650506] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1150.652010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1150.653535] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:22:37 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x1000000, 0x0, &(0x7f0000000180))

08:22:38 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 37)

[ 1150.723620] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=11369 comm=syz-executor.0
08:22:38 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xb000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:38 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xf, 0x0, &(0x7f0000000180))

08:22:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="0000000000000400"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1150.817142] 9pnet: Insufficient options for proto=fd
08:22:38 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:38 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x2000000, 0x0, &(0x7f0000000180))

[ 1150.862715] FAULT_INJECTION: forcing a failure.
[ 1150.862715] name failslab, interval 1, probability 0, space 0, times 0
[ 1150.865063] CPU: 0 PID: 11619 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1150.866496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1150.868193] Call Trace:
[ 1150.868734]  dump_stack+0x107/0x167
[ 1150.869491]  should_fail.cold+0x5/0xa
[ 1150.870277]  ? create_object.isra.0+0x3a/0xa20
[ 1150.871215]  should_failslab+0x5/0x20
[ 1150.871999]  kmem_cache_alloc+0x5b/0x310
[ 1150.872834]  create_object.isra.0+0x3a/0xa20
[ 1150.873739]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1150.874792]  kmem_cache_alloc+0x159/0x310
[ 1150.875653]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 1150.876703]  p9_client_rpc+0x220/0x1370
[ 1150.877531]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1150.878619]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1150.879719]  ? pipe_poll+0x21b/0x800
[ 1150.880480]  ? p9_fd_close+0x4a0/0x4a0
[ 1150.881285]  ? wait_for_partner+0x3c0/0x3c0
[ 1150.882166]  ? p9_fd_poll+0x1e0/0x2c0
[ 1150.882956]  ? p9_fd_create+0x357/0x4a0
[ 1150.883770]  ? p9_conn_create+0x510/0x510
[ 1150.884621]  ? p9_client_create+0x798/0x1230
[ 1150.885528]  ? kfree+0xd7/0x340
[ 1150.886201]  ? do_raw_spin_unlock+0x4f/0x220
[ 1150.887110]  p9_client_create+0xa76/0x1230
[ 1150.887985]  ? p9_client_flush+0x430/0x430
[ 1150.888852]  ? trace_hardirqs_on+0x5b/0x180
[ 1150.889735]  ? lockdep_init_map_type+0x2c7/0x780
[ 1150.890698]  ? __raw_spin_lock_init+0x36/0x110
[ 1150.891628]  v9fs_session_init+0x1dd/0x1680
[ 1150.892501]  ? lock_release+0x680/0x680
[ 1150.893319]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1150.894299]  ? v9fs_show_options+0x690/0x690
[ 1150.895198]  ? trace_hardirqs_on+0x5b/0x180
[ 1150.896080]  ? kasan_unpoison_shadow+0x33/0x50
[ 1150.897008]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1150.898046]  v9fs_mount+0x79/0x8f0
[ 1150.898770]  ? v9fs_write_inode+0x60/0x60
[ 1150.899618]  legacy_get_tree+0x105/0x220
[ 1150.900446]  vfs_get_tree+0x8e/0x300
[ 1150.901202]  path_mount+0x1429/0x2120
[ 1150.901995]  ? strncpy_from_user+0x9e/0x470
[ 1150.902871]  ? finish_automount+0xa90/0xa90
[ 1150.903752]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1150.904699]  ? _copy_from_user+0xfb/0x1b0
[ 1150.905561]  __x64_sys_mount+0x282/0x300
[ 1150.906392]  ? copy_mnt_ns+0xa00/0xa00
[ 1150.907189]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1150.908258]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1150.909318]  do_syscall_64+0x33/0x40
[ 1150.910080]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1150.911125] RIP: 0033:0x7fd019574b19
[ 1150.911879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1150.915646] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1150.917187] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1150.918637] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1150.920068] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1150.921524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1150.922958] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:22:38 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x3000000, 0x0, &(0x7f0000000180))

[ 1150.963840] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=11661 comm=syz-executor.0
08:22:38 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x10, 0x0, &(0x7f0000000180))

08:22:52 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 38)

08:22:52 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:52 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x11, 0x0, &(0x7f0000000180))

08:22:52 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 56)

08:22:52 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:22:52 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:22:52 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="0000000000000400"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:22:52 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4000000, 0x0, &(0x7f0000000180))

[ 1165.308703] FAULT_INJECTION: forcing a failure.
[ 1165.308703] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.310142] CPU: 0 PID: 11819 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1165.310986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.311987] Call Trace:
[ 1165.312322]  dump_stack+0x107/0x167
[ 1165.312777]  should_fail.cold+0x5/0xa
[ 1165.313254]  should_failslab+0x5/0x20
[ 1165.313743]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1165.314362]  ? alloc_uevent_skb+0x7b/0x210
[ 1165.314890]  __alloc_skb+0xb1/0x5b0
[ 1165.315340]  alloc_uevent_skb+0x7b/0x210
[ 1165.315854]  kobject_uevent_env+0xce1/0xfd0
[ 1165.316398]  net_rx_queue_update_kobjects+0xef/0x480
[ 1165.317035]  netif_set_real_num_rx_queues+0x165/0x210
[ 1165.317670]  tun_attach.isra.0+0x662/0x1760
[ 1165.318225]  __tun_chr_ioctl+0x173c/0x3f40
[ 1165.318753]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.319342]  ? tun_chr_poll+0x700/0x700
[ 1165.319840]  ? wait_for_completion_io+0x270/0x270
[ 1165.320438]  ? selinux_file_ioctl+0xb6/0x270
[ 1165.321057]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1165.321754]  __x64_sys_ioctl+0x19a/0x210
[ 1165.322356]  do_syscall_64+0x33/0x40
[ 1165.322883]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1165.323586] RIP: 0033:0x7f6888bfdb19
[ 1165.324125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.326328] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1165.327216] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1165.328051] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1165.328885] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.329720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.330544] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
[ 1165.331847] FAULT_INJECTION: forcing a failure.
[ 1165.331847] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1165.334378] CPU: 1 PID: 11829 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1165.335832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.337547] Call Trace:
[ 1165.338103]  dump_stack+0x107/0x167
[ 1165.338864]  should_fail.cold+0x5/0xa
[ 1165.339643]  __alloc_pages_nodemask+0x182/0x600
[ 1165.340609]  ? lock_acquire+0x197/0x470
[ 1165.341433]  ? create_object.isra.0+0x3ad/0xa20
[ 1165.342410]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1165.343651]  ? kmem_cache_alloc+0x159/0x310
[ 1165.344528]  alloc_pages_current+0x187/0x280
[ 1165.345444]  kmalloc_order+0x35/0x160
[ 1165.346231]  kmalloc_order_trace+0x14/0xa0
[ 1165.347111]  p9_fcall_init+0x97/0x290
[ 1165.347889]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1165.348931]  p9_client_rpc+0x220/0x1370
[ 1165.349764]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.350863]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1165.351954]  ? pipe_poll+0x21b/0x800
[ 1165.352714]  ? p9_fd_close+0x4a0/0x4a0
[ 1165.353532]  ? wait_for_partner+0x3c0/0x3c0
[ 1165.354407]  ? p9_fd_poll+0x1e0/0x2c0
[ 1165.355193]  ? p9_fd_create+0x357/0x4a0
[ 1165.356008]  ? p9_conn_create+0x510/0x510
[ 1165.356857]  ? p9_client_create+0x798/0x1230
08:22:52 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2c, 0x0, &(0x7f0000000180))

[ 1165.357769]  ? kfree+0xd7/0x340
[ 1165.358591]  ? do_raw_spin_unlock+0x4f/0x220
[ 1165.359497]  p9_client_create+0xa76/0x1230
[ 1165.360374]  ? p9_client_flush+0x430/0x430
[ 1165.361235]  ? trace_hardirqs_on+0x5b/0x180
[ 1165.362125]  ? lockdep_init_map_type+0x2c7/0x780
[ 1165.363098]  ? __raw_spin_lock_init+0x36/0x110
08:22:52 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1165.364038]  v9fs_session_init+0x1dd/0x1680
[ 1165.365040]  ? lock_release+0x680/0x680
[ 1165.365891]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1165.366906]  ? v9fs_show_options+0x690/0x690
[ 1165.367834]  ? trace_hardirqs_on+0x5b/0x180
[ 1165.368738]  ? kasan_unpoison_shadow+0x33/0x50
[ 1165.369704]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1165.370774]  v9fs_mount+0x79/0x8f0
[ 1165.371521]  ? v9fs_write_inode+0x60/0x60
[ 1165.372401]  legacy_get_tree+0x105/0x220
[ 1165.373257]  vfs_get_tree+0x8e/0x300
[ 1165.374044]  path_mount+0x1429/0x2120
[ 1165.374853]  ? strncpy_from_user+0x9e/0x470
[ 1165.375761]  ? finish_automount+0xa90/0xa90
[ 1165.376665]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1165.377651]  ? _copy_from_user+0xfb/0x1b0
[ 1165.378526]  __x64_sys_mount+0x282/0x300
[ 1165.379377]  ? copy_mnt_ns+0xa00/0xa00
[ 1165.380202]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.381305]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.382398]  do_syscall_64+0x33/0x40
[ 1165.383177]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1165.384257] RIP: 0033:0x7fd019574b19
[ 1165.385035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.388906] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1165.390504] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1165.391991] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1165.393487] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1165.394990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.396497] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1165.399715] 9pnet: Insufficient options for proto=fd
[ 1165.429426] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=11851 comm=syz-executor.0
08:23:07 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x5000000, 0x0, &(0x7f0000000180))

08:23:07 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f6669"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:08 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x20000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:08 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:08 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 39)

08:23:08 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 57)

08:23:08 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x48, 0x0, &(0x7f0000000180))

[ 1180.772753] 9pnet: Insufficient options for proto=fd
[ 1180.791907] FAULT_INJECTION: forcing a failure.
[ 1180.791907] name failslab, interval 1, probability 0, space 0, times 0
[ 1180.794353] CPU: 0 PID: 11967 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1180.795804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1180.797535] Call Trace:
[ 1180.798101]  dump_stack+0x107/0x167
[ 1180.798867]  should_fail.cold+0x5/0xa
[ 1180.799666]  ? create_object.isra.0+0x3a/0xa20
[ 1180.800630]  should_failslab+0x5/0x20
08:23:08 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1180.801573]  kmem_cache_alloc+0x5b/0x310
[ 1180.802460]  create_object.isra.0+0x3a/0xa20
[ 1180.803382]  ? kasan_unpoison_shadow+0x33/0x50
[ 1180.804346]  kmalloc_order+0xfe/0x160
[ 1180.805153]  kmalloc_order_trace+0x14/0xa0
[ 1180.806057]  p9_fcall_init+0x97/0x290
[ 1180.806862]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1180.807940]  p9_client_rpc+0x220/0x1370
[ 1180.808788]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1180.809914]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1180.811041]  ? pipe_poll+0x21b/0x800
[ 1180.811823]  ? p9_fd_close+0x4a0/0x4a0
[ 1180.812639]  ? wait_for_partner+0x3c0/0x3c0
[ 1180.813543]  ? p9_fd_poll+0x1e0/0x2c0
[ 1180.814352]  ? p9_fd_create+0x357/0x4a0
[ 1180.815179]  ? p9_conn_create+0x510/0x510
[ 1180.816048]  ? p9_client_create+0x798/0x1230
[ 1180.816971]  ? kfree+0xd7/0x340
[ 1180.817667]  ? do_raw_spin_unlock+0x4f/0x220
[ 1180.818594]  p9_client_create+0xa76/0x1230
[ 1180.819492]  ? p9_client_flush+0x430/0x430
[ 1180.819667] FAULT_INJECTION: forcing a failure.
[ 1180.819667] name failslab, interval 1, probability 0, space 0, times 0
[ 1180.820382]  ? trace_hardirqs_on+0x5b/0x180
[ 1180.820404]  ? lockdep_init_map_type+0x2c7/0x780
[ 1180.820427]  ? __raw_spin_lock_init+0x36/0x110
[ 1180.825625]  v9fs_session_init+0x1dd/0x1680
[ 1180.826534]  ? lock_release+0x680/0x680
[ 1180.827383]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1180.828392]  ? v9fs_show_options+0x690/0x690
[ 1180.829323]  ? trace_hardirqs_on+0x5b/0x180
[ 1180.830233]  ? kasan_unpoison_shadow+0x33/0x50
[ 1180.831194]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1180.832258]  v9fs_mount+0x79/0x8f0
[ 1180.833003]  ? v9fs_write_inode+0x60/0x60
[ 1180.833889]  legacy_get_tree+0x105/0x220
[ 1180.834742]  vfs_get_tree+0x8e/0x300
[ 1180.835528]  path_mount+0x1429/0x2120
[ 1180.836334]  ? strncpy_from_user+0x9e/0x470
[ 1180.837238]  ? finish_automount+0xa90/0xa90
[ 1180.838150]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1180.839126]  ? _copy_from_user+0xfb/0x1b0
[ 1180.840002]  __x64_sys_mount+0x282/0x300
[ 1180.840853]  ? copy_mnt_ns+0xa00/0xa00
[ 1180.841681]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1180.842782]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1180.843871]  do_syscall_64+0x33/0x40
[ 1180.844656]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1180.845739] RIP: 0033:0x7fd019574b19
[ 1180.846524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1180.850403] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1180.851998] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1180.853495] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1180.854998] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1180.856488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1180.857984] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1180.859504] CPU: 1 PID: 11980 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1180.861040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1180.862841] Call Trace:
[ 1180.863404]  dump_stack+0x107/0x167
[ 1180.864169]  should_fail.cold+0x5/0xa
[ 1180.864971]  ? create_object.isra.0+0x3a/0xa20
[ 1180.865978]  should_failslab+0x5/0x20
[ 1180.866775]  kmem_cache_alloc+0x5b/0x310
[ 1180.867636]  create_object.isra.0+0x3a/0xa20
[ 1180.868559]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1180.869666]  __kmalloc_node_track_caller+0x1a6/0x3b0
[ 1180.870742]  ? alloc_uevent_skb+0x7b/0x210
[ 1180.871641]  __alloc_skb+0xb1/0x5b0
[ 1180.872413]  alloc_uevent_skb+0x7b/0x210
[ 1180.873270]  kobject_uevent_env+0xce1/0xfd0
[ 1180.874223]  net_rx_queue_update_kobjects+0xef/0x480
[ 1180.875310]  netif_set_real_num_rx_queues+0x165/0x210
[ 1180.876391]  tun_attach.isra.0+0x662/0x1760
[ 1180.877305]  ? selinux_tun_dev_open+0x13a/0x1c0
[ 1180.878323]  __tun_chr_ioctl+0x173c/0x3f40
[ 1180.879229]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1180.880256]  ? tun_chr_poll+0x700/0x700
[ 1180.881093]  ? wait_for_completion_io+0x270/0x270
[ 1180.882155]  ? selinux_file_ioctl+0xb6/0x270
[ 1180.883082]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1180.884029]  __x64_sys_ioctl+0x19a/0x210
[ 1180.884889]  do_syscall_64+0x33/0x40
[ 1180.885702]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1180.886785] RIP: 0033:0x7f6888bfdb19
[ 1180.887572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1180.891476] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1180.893076] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1180.894601] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1180.896091] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1180.897596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1180.899123] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:23:08 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4c, 0x0, &(0x7f0000000180))

[ 1180.904558] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=11955 comm=syz-executor.0
08:23:08 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6000000, 0x0, &(0x7f0000000180))

08:23:08 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:08 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x20100000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f6669"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:08 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x68, 0x0, &(0x7f0000000180))

08:23:08 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6010000, 0x0, &(0x7f0000000180))

[ 1181.092277] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=12145 comm=syz-executor.0
08:23:08 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:08 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:08 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 40)

08:23:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f6669"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1181.272384] FAULT_INJECTION: forcing a failure.
[ 1181.272384] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1181.275011] CPU: 1 PID: 12352 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1181.276474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1181.278248] Call Trace:
[ 1181.278805]  dump_stack+0x107/0x167
[ 1181.279574]  should_fail.cold+0x5/0xa
[ 1181.280387]  __alloc_pages_nodemask+0x182/0x600
[ 1181.281368]  ? lock_release+0x680/0x680
[ 1181.282237]  ? find_held_lock+0x2c/0x110
[ 1181.283091]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1181.284367]  alloc_pages_current+0x187/0x280
[ 1181.285301]  kmalloc_order+0x35/0x160
[ 1181.286139]  kmalloc_order_trace+0x14/0xa0
[ 1181.287030]  p9_fcall_init+0x97/0x290
[ 1181.287836]  p9_client_prepare_req.part.0+0xf4/0xac0
[ 1181.288914]  p9_client_rpc+0x220/0x1370
[ 1181.289781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1181.290893]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1181.292022]  ? pipe_poll+0x21b/0x800
[ 1181.292803]  ? p9_fd_close+0x4a0/0x4a0
[ 1181.293635]  ? wait_for_partner+0x3c0/0x3c0
[ 1181.294559]  ? p9_fd_poll+0x1e0/0x2c0
[ 1181.295362]  ? p9_fd_create+0x357/0x4a0
[ 1181.296191]  ? p9_conn_create+0x510/0x510
[ 1181.297061]  ? p9_client_create+0x798/0x1230
[ 1181.298015]  ? kfree+0xd7/0x340
[ 1181.298706]  ? do_raw_spin_unlock+0x4f/0x220
[ 1181.299636]  p9_client_create+0xa76/0x1230
[ 1181.300532]  ? p9_client_flush+0x430/0x430
[ 1181.301419]  ? trace_hardirqs_on+0x5b/0x180
[ 1181.302355]  ? lockdep_init_map_type+0x2c7/0x780
[ 1181.303353]  ? __raw_spin_lock_init+0x36/0x110
[ 1181.304323]  v9fs_session_init+0x1dd/0x1680
[ 1181.305234]  ? lock_release+0x680/0x680
[ 1181.306116]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1181.307127]  ? v9fs_show_options+0x690/0x690
[ 1181.308053]  ? trace_hardirqs_on+0x5b/0x180
[ 1181.308958]  ? kasan_unpoison_shadow+0x33/0x50
[ 1181.309947]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1181.311019]  v9fs_mount+0x79/0x8f0
[ 1181.311769]  ? v9fs_write_inode+0x60/0x60
[ 1181.312645]  legacy_get_tree+0x105/0x220
[ 1181.313499]  vfs_get_tree+0x8e/0x300
[ 1181.314313]  path_mount+0x1429/0x2120
[ 1181.315122]  ? strncpy_from_user+0x9e/0x470
[ 1181.316038]  ? finish_automount+0xa90/0xa90
[ 1181.316948]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1181.317962]  ? _copy_from_user+0xfb/0x1b0
[ 1181.318839]  __x64_sys_mount+0x282/0x300
[ 1181.319689]  ? copy_mnt_ns+0xa00/0xa00
[ 1181.320512]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1181.321633]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1181.322740]  do_syscall_64+0x33/0x40
[ 1181.323530]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1181.324608] RIP: 0033:0x7fd019574b19
[ 1181.325394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1181.329323] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1181.330959] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1181.332467] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1181.334000] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1181.335514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1181.337022] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1181.359242] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=12354 comm=syz-executor.0
08:23:23 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6c, 0x0, &(0x7f0000000180))

08:23:23 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7000000, 0x0, &(0x7f0000000180))

08:23:23 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 41)

08:23:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c65"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:23 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:23 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 58)

08:23:23 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:23 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x83040000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1196.102871] FAULT_INJECTION: forcing a failure.
[ 1196.102871] name failslab, interval 1, probability 0, space 0, times 0
[ 1196.105370] CPU: 1 PID: 12426 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1196.106851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1196.108595] Call Trace:
[ 1196.109152]  dump_stack+0x107/0x167
[ 1196.109925]  should_fail.cold+0x5/0xa
[ 1196.110734]  ? create_object.isra.0+0x3a/0xa20
[ 1196.111693]  should_failslab+0x5/0x20
[ 1196.112489]  kmem_cache_alloc+0x5b/0x310
[ 1196.113346]  create_object.isra.0+0x3a/0xa20
[ 1196.114284]  ? kasan_unpoison_shadow+0x33/0x50
[ 1196.115243]  kmalloc_order+0xfe/0x160
[ 1196.116052]  kmalloc_order_trace+0x14/0xa0
[ 1196.116947]  p9_fcall_init+0x97/0x290
[ 1196.117745]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1196.118821]  p9_client_rpc+0x220/0x1370
[ 1196.119657]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1196.120774]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1196.121911]  ? pipe_poll+0x21b/0x800
[ 1196.122687]  ? p9_fd_close+0x4a0/0x4a0
[ 1196.123508]  ? wait_for_partner+0x3c0/0x3c0
[ 1196.124409]  ? p9_fd_poll+0x1e0/0x2c0
[ 1196.125206]  ? p9_fd_create+0x357/0x4a0
[ 1196.126058]  ? p9_conn_create+0x510/0x510
[ 1196.126928]  ? p9_client_create+0x798/0x1230
[ 1196.127848]  ? kfree+0xd7/0x340
[ 1196.128531]  ? do_raw_spin_unlock+0x4f/0x220
[ 1196.129468]  p9_client_create+0xa76/0x1230
[ 1196.130367]  ? p9_client_flush+0x430/0x430
[ 1196.131266]  ? trace_hardirqs_on+0x5b/0x180
[ 1196.132185]  ? lockdep_init_map_type+0x2c7/0x780
[ 1196.133185]  ? __raw_spin_lock_init+0x36/0x110
[ 1196.134163]  v9fs_session_init+0x1dd/0x1680
[ 1196.135070]  ? lock_release+0x680/0x680
[ 1196.135912]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1196.136931]  ? v9fs_show_options+0x690/0x690
[ 1196.137878]  ? trace_hardirqs_on+0x5b/0x180
[ 1196.138787]  ? kasan_unpoison_shadow+0x33/0x50
[ 1196.139753]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1196.140826]  v9fs_mount+0x79/0x8f0
[ 1196.141577]  ? v9fs_write_inode+0x60/0x60
[ 1196.142471]  legacy_get_tree+0x105/0x220
[ 1196.143328]  vfs_get_tree+0x8e/0x300
[ 1196.144109]  path_mount+0x1429/0x2120
[ 1196.144915]  ? strncpy_from_user+0x9e/0x470
[ 1196.145834]  ? finish_automount+0xa90/0xa90
[ 1196.146746]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1196.147726]  ? _copy_from_user+0xfb/0x1b0
[ 1196.148614]  __x64_sys_mount+0x282/0x300
[ 1196.149473]  ? copy_mnt_ns+0xa00/0xa00
[ 1196.150319]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1196.151431]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1196.152521]  do_syscall_64+0x33/0x40
[ 1196.153308]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1196.154403] RIP: 0033:0x7fd019574b19
[ 1196.155193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1196.156955] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=12610 comm=syz-executor.0
[ 1196.159105] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1196.159126] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1196.159146] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1196.166313] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1196.168027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1196.169750] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1196.189715] FAULT_INJECTION: forcing a failure.
[ 1196.189715] name failslab, interval 1, probability 0, space 0, times 0
[ 1196.192369] CPU: 1 PID: 12618 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1196.193902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1196.195711] Call Trace:
[ 1196.196288]  dump_stack+0x107/0x167
[ 1196.197083]  should_fail.cold+0x5/0xa
[ 1196.197929]  should_failslab+0x5/0x20
[ 1196.198760]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1196.199846]  ? alloc_uevent_skb+0x7b/0x210
[ 1196.200774]  __alloc_skb+0xb1/0x5b0
[ 1196.201571]  alloc_uevent_skb+0x7b/0x210
[ 1196.202479]  kobject_uevent_env+0xce1/0xfd0
[ 1196.203430]  net_rx_queue_update_kobjects+0xef/0x480
[ 1196.204544]  netif_set_real_num_rx_queues+0x165/0x210
[ 1196.205671]  tun_attach.isra.0+0x662/0x1760
[ 1196.206649]  __tun_chr_ioctl+0x173c/0x3f40
[ 1196.207578]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1196.208628]  ? tun_chr_poll+0x700/0x700
[ 1196.209489]  ? wait_for_completion_io+0x270/0x270
[ 1196.210610]  ? selinux_file_ioctl+0xb6/0x270
[ 1196.211575]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1196.212554]  __x64_sys_ioctl+0x19a/0x210
[ 1196.213444]  do_syscall_64+0x33/0x40
[ 1196.214264]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1196.215373] RIP: 0033:0x7f6888bfdb19
[ 1196.216182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1196.220197] RSP: 002b:00007f6886173188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1196.221859] RAX: ffffffffffffffda RBX: 00007f6888d10f60 RCX: 00007f6888bfdb19
[ 1196.223407] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000003
[ 1196.224962] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1196.226525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1196.228074] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:23:23 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x74, 0x0, &(0x7f0000000180))

08:23:23 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xa000000, 0x0, &(0x7f0000000180))

08:23:23 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8cffffff, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:23 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x40000000, 0x0, &(0x7f0000000180))

08:23:23 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:23 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c65"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:23 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7a, 0x0, &(0x7f0000000180))

08:23:23 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 59)

[ 1196.420699] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=12731 comm=syz-executor.0
[ 1196.490617] FAULT_INJECTION: forcing a failure.
[ 1196.490617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1196.493462] CPU: 1 PID: 12871 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 1196.494935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1196.496681] Call Trace:
[ 1196.497245]  dump_stack+0x107/0x167
[ 1196.498033]  should_fail.cold+0x5/0xa
[ 1196.498846]  _copy_to_user+0x2e/0x180
[ 1196.499659]  simple_read_from_buffer+0xcc/0x160
[ 1196.500655]  proc_fail_nth_read+0x198/0x230
[ 1196.501576]  ? proc_sessionid_read+0x230/0x230
[ 1196.502550]  ? security_file_permission+0xb1/0xe0
[ 1196.503582]  ? proc_sessionid_read+0x230/0x230
[ 1196.504553]  vfs_read+0x228/0x620
[ 1196.505292]  ksys_read+0x12d/0x260
[ 1196.506066]  ? vfs_write+0xb10/0xb10
[ 1196.506851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1196.507964]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1196.509046]  do_syscall_64+0x33/0x40
[ 1196.509851]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1196.510934] RIP: 0033:0x7f6888bb069c
[ 1196.511721] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1196.515540] RSP: 002b:00007f6886173170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1196.517147] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6888bb069c
[ 1196.518663] RDX: 000000000000000f RSI: 00007f68861731e0 RDI: 0000000000000005
[ 1196.520174] RBP: 00007f68861731d0 R08: 0000000000000000 R09: 0000000000000000
[ 1196.521686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1196.523205] R13: 00007ffde665f87f R14: 00007f6886173300 R15: 0000000000022000
08:23:39 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x48000000, 0x0, &(0x7f0000000180))

08:23:39 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

08:23:39 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2f0, 0x0, &(0x7f0000000180))

08:23:39 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:39 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:39 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 42)

08:23:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c65"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:39 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xc0ed0000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1212.218827] 9pnet: Insufficient options for proto=fd
[ 1212.227888] FAULT_INJECTION: forcing a failure.
[ 1212.227888] name failslab, interval 1, probability 0, space 0, times 0
[ 1212.230486] CPU: 0 PID: 12888 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1212.231936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1212.233709] Call Trace:
[ 1212.234281]  dump_stack+0x107/0x167
[ 1212.235058]  should_fail.cold+0x5/0xa
[ 1212.235866]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1212.237095]  should_failslab+0x5/0x20
[ 1212.237895]  kmem_cache_alloc+0x5b/0x310
[ 1212.238779]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1212.239984]  idr_get_free+0x4b5/0x8f0
[ 1212.240800]  idr_alloc_u32+0x170/0x2d0
[ 1212.241634]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1212.242669]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1212.243817]  ? lock_release+0x680/0x680
[ 1212.244658]  idr_alloc+0xc2/0x130
[ 1212.245402]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1212.246296]  ? rwlock_bug.part.0+0x90/0x90
[ 1212.247256]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1212.248352]  p9_client_rpc+0x220/0x1370
[ 1212.249205]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1212.250331]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1212.251529]  ? pipe_poll+0x21b/0x800
[ 1212.252310]  ? p9_fd_close+0x4a0/0x4a0
[ 1212.253148]  ? wait_for_partner+0x3c0/0x3c0
[ 1212.254064]  ? p9_fd_poll+0x1e0/0x2c0
[ 1212.254881]  ? p9_fd_create+0x357/0x4a0
[ 1212.255740]  ? p9_conn_create+0x510/0x510
[ 1212.256614]  ? p9_client_create+0x798/0x1230
[ 1212.257561]  ? kfree+0xd7/0x340
[ 1212.258276]  ? do_raw_spin_unlock+0x4f/0x220
[ 1212.259217]  p9_client_create+0xa76/0x1230
[ 1212.260126]  ? p9_client_flush+0x430/0x430
[ 1212.261034]  ? trace_hardirqs_on+0x5b/0x180
[ 1212.261956]  ? lockdep_init_map_type+0x2c7/0x780
[ 1212.262977]  ? __raw_spin_lock_init+0x36/0x110
[ 1212.263968]  v9fs_session_init+0x1dd/0x1680
[ 1212.264898]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1212.265928]  ? v9fs_show_options+0x690/0x690
[ 1212.266888]  ? trace_hardirqs_on+0x5b/0x180
[ 1212.267936]  ? kasan_unpoison_shadow+0x33/0x50
[ 1212.269101]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1212.270392]  v9fs_mount+0x79/0x8f0
[ 1212.271283]  ? v9fs_write_inode+0x60/0x60
[ 1212.272320]  legacy_get_tree+0x105/0x220
[ 1212.273345]  vfs_get_tree+0x8e/0x300
[ 1212.274277]  path_mount+0x1429/0x2120
[ 1212.275160]  ? strncpy_from_user+0x9e/0x470
[ 1212.276153]  ? finish_automount+0xa90/0xa90
[ 1212.277147]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1212.278262]  ? _copy_from_user+0xfb/0x1b0
[ 1212.279322]  __x64_sys_mount+0x282/0x300
[ 1212.280417]  ? copy_mnt_ns+0xa00/0xa00
[ 1212.281433]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1212.282835]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1212.284210]  do_syscall_64+0x33/0x40
[ 1212.285201]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1212.286580] RIP: 0033:0x7fd019574b19
[ 1212.287562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1212.291880] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1212.293563] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1212.295160] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1212.296719] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1212.298298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1212.299870] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:23:39 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x300, 0x0, &(0x7f0000000180))

08:23:39 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4c000000, 0x0, &(0x7f0000000180))

08:23:39 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1212.367283] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=12889 comm=syz-executor.0
08:23:39 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:39 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x2, &(0x7f0000000000)={'veth0_vlan\x00'})

08:23:39 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x68000000, 0x0, &(0x7f0000000180))

08:23:39 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x480, 0x0, &(0x7f0000000180))

08:23:39 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xf6ffffff, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c6531"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1212.635416] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=13146 comm=syz-executor.0
08:23:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xffffe000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:56 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c6531"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x500, 0x0, &(0x7f0000000180))

08:23:56 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 43)

08:23:56 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6c000000, 0x0, &(0x7f0000000180))

08:23:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x4b47, &(0x7f0000000000)={'veth0_vlan\x00'})

08:23:56 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:56 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x74000000, 0x0, &(0x7f0000000180))

[ 1229.200010] FAULT_INJECTION: forcing a failure.
[ 1229.200010] name failslab, interval 1, probability 0, space 0, times 0
[ 1229.202485] CPU: 1 PID: 13359 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1229.203991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1229.206102] Call Trace:
[ 1229.206791]  dump_stack+0x107/0x167
[ 1229.207717]  should_fail.cold+0x5/0xa
[ 1229.208691]  ? create_object.isra.0+0x3a/0xa20
[ 1229.209861]  should_failslab+0x5/0x20
[ 1229.210854]  kmem_cache_alloc+0x5b/0x310
[ 1229.211891]  create_object.isra.0+0x3a/0xa20
[ 1229.212825]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1229.213896]  kmem_cache_alloc+0x159/0x310
[ 1229.214793]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1229.215972]  idr_get_free+0x4b5/0x8f0
[ 1229.216785]  idr_alloc_u32+0x170/0x2d0
[ 1229.217606]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1229.218636]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1229.219759]  ? lock_release+0x680/0x680
[ 1229.220600]  idr_alloc+0xc2/0x130
[ 1229.221328]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1229.222186]  ? rwlock_bug.part.0+0x90/0x90
[ 1229.223095]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1229.224185]  p9_client_rpc+0x220/0x1370
[ 1229.225020]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1229.226131]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1229.227272]  ? pipe_poll+0x21b/0x800
[ 1229.228086]  ? p9_fd_close+0x4a0/0x4a0
[ 1229.228906]  ? wait_for_partner+0x3c0/0x3c0
[ 1229.229811]  ? p9_fd_poll+0x1e0/0x2c0
[ 1229.230630]  ? p9_fd_create+0x357/0x4a0
[ 1229.231462]  ? p9_conn_create+0x510/0x510
[ 1229.232333]  ? p9_client_create+0x798/0x1230
[ 1229.233259]  ? kfree+0xd7/0x340
[ 1229.233946]  ? do_raw_spin_unlock+0x4f/0x220
[ 1229.234901]  p9_client_create+0xa76/0x1230
[ 1229.235803]  ? p9_client_flush+0x430/0x430
[ 1229.236692]  ? trace_hardirqs_on+0x5b/0x180
[ 1229.237601]  ? lockdep_init_map_type+0x2c7/0x780
[ 1229.238609]  ? __raw_spin_lock_init+0x36/0x110
[ 1229.239573]  v9fs_session_init+0x1dd/0x1680
[ 1229.240480]  ? lock_release+0x680/0x680
[ 1229.241323]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1229.242353]  ? v9fs_show_options+0x690/0x690
[ 1229.243289]  ? trace_hardirqs_on+0x5b/0x180
[ 1229.244199]  ? kasan_unpoison_shadow+0x33/0x50
[ 1229.245157]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1229.246237]  v9fs_mount+0x79/0x8f0
[ 1229.246984]  ? v9fs_write_inode+0x60/0x60
[ 1229.247866]  legacy_get_tree+0x105/0x220
[ 1229.248726]  vfs_get_tree+0x8e/0x300
[ 1229.249547]  path_mount+0x1429/0x2120
[ 1229.250366]  ? strncpy_from_user+0x9e/0x470
[ 1229.251270]  ? finish_automount+0xa90/0xa90
[ 1229.252170]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1229.253141]  ? _copy_from_user+0xfb/0x1b0
[ 1229.254012]  __x64_sys_mount+0x282/0x300
[ 1229.254871]  ? copy_mnt_ns+0xa00/0xa00
[ 1229.255689]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1229.256789]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1229.257868]  do_syscall_64+0x33/0x40
[ 1229.258715]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1229.259793] RIP: 0033:0x7fd019574b19
[ 1229.260575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1229.264440] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1229.266033] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1229.267539] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1229.269030] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1229.270541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1229.272045] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1229.301325] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=13470 comm=syz-executor.0
08:23:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x600, 0x0, &(0x7f0000000180))

08:23:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xffffff8c, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:56 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7a000000, 0x0, &(0x7f0000000180))

08:23:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c6531"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:23:56 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4084, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:23:56 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:23:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x4b49, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1229.545434] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=13584 comm=syz-executor.0
08:24:12 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 44)

08:24:12 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:12 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x700, 0x0, &(0x7f0000000180))

08:24:12 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x541b, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:12 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x80040000, 0x0, &(0x7f0000000180))

08:24:12 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xfffffff6, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:12 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4800, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:12 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYBLOB="00000000000004002e2f66696c653100"])
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1245.703003] FAULT_INJECTION: forcing a failure.
[ 1245.703003] name failslab, interval 1, probability 0, space 0, times 0
[ 1245.704333] CPU: 1 PID: 13815 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1245.705879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1245.708189] Call Trace:
[ 1245.708920]  dump_stack+0x107/0x167
[ 1245.709918]  should_fail.cold+0x5/0xa
[ 1245.710994]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
08:24:12 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x8cffffff, 0x0, &(0x7f0000000180))

[ 1245.712581]  should_failslab+0x5/0x20
[ 1245.713726]  kmem_cache_alloc+0x5b/0x310
[ 1245.714874]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1245.716412]  idr_get_free+0x4b5/0x8f0
[ 1245.717471]  idr_alloc_u32+0x170/0x2d0
[ 1245.718558]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1245.719894]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1245.721369]  ? lock_release+0x680/0x680
[ 1245.722477]  idr_alloc+0xc2/0x130
[ 1245.723438]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1245.724543]  ? rwlock_bug.part.0+0x90/0x90
[ 1245.725730]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1245.727165]  p9_client_rpc+0x220/0x1370
[ 1245.728254]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1245.729694]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1245.731167]  ? pipe_poll+0x21b/0x800
[ 1245.732178]  ? p9_fd_close+0x4a0/0x4a0
[ 1245.733238]  ? wait_for_partner+0x3c0/0x3c0
[ 1245.734438]  ? p9_fd_poll+0x1e0/0x2c0
[ 1245.735490]  ? p9_fd_create+0x357/0x4a0
[ 1245.736585]  ? p9_conn_create+0x510/0x510
[ 1245.737719]  ? p9_client_create+0x798/0x1230
[ 1245.738937]  ? kfree+0xd7/0x340
08:24:13 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xf0020000, 0x0, &(0x7f0000000180))

[ 1245.739832]  ? do_raw_spin_unlock+0x4f/0x220
[ 1245.740934]  p9_client_create+0xa76/0x1230
[ 1245.741651]  ? p9_client_flush+0x430/0x430
[ 1245.742369]  ? trace_hardirqs_on+0x5b/0x180
[ 1245.743066]  ? lockdep_init_map_type+0x2c7/0x780
[ 1245.743319] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=13831 comm=syz-executor.0
[ 1245.743634]  ? __raw_spin_lock_init+0x36/0x110
[ 1245.745668]  v9fs_session_init+0x1dd/0x1680
[ 1245.746191]  ? quarantine_reduce+0x18c/0x210
[ 1245.746718]  ? v9fs_show_options+0x690/0x690
[ 1245.747243]  ? trace_hardirqs_on+0x5b/0x180
[ 1245.747752]  ? v9fs_write_inode+0x60/0x60
[ 1245.748251]  ? quarantine_reduce+0x1ad/0x210
[ 1245.748768]  ? kasan_unpoison_shadow+0x33/0x50
[ 1245.749309]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1245.749921]  v9fs_mount+0x79/0x8f0
[ 1245.750361]  ? v9fs_write_inode+0x60/0x60
[ 1245.750853]  legacy_get_tree+0x105/0x220
[ 1245.751332]  vfs_get_tree+0x8e/0x300
[ 1245.751784]  path_mount+0x1429/0x2120
[ 1245.752244]  ? strncpy_from_user+0x9e/0x470
[ 1245.752750]  ? finish_automount+0xa90/0xa90
[ 1245.753270]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1245.753821]  ? _copy_from_user+0xfb/0x1b0
[ 1245.754319]  __x64_sys_mount+0x282/0x300
[ 1245.754802]  ? copy_mnt_ns+0xa00/0xa00
[ 1245.755255]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1245.755856]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1245.756446]  do_syscall_64+0x33/0x40
[ 1245.756878]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1245.757463] RIP: 0033:0x7fd019574b19
[ 1245.757891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1245.760034] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1245.760917] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1245.761738] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1245.762573] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1245.763394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1245.764226] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:24:13 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xa00, 0x0, &(0x7f0000000180))

08:24:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYBLOB="00000000000004002e2f66696c653100"])
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1245.861902] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=14029 comm=syz-executor.0
08:24:27 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 45)

08:24:27 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xfeffffff, 0x0, &(0x7f0000000180))

08:24:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYBLOB="00000000000004002e2f66696c653100"])
r2 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:24:27 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xedc000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:27 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x5421, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xf00, 0x0, &(0x7f0000000180))

08:24:27 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1260.142372] FAULT_INJECTION: forcing a failure.
[ 1260.142372] name failslab, interval 1, probability 0, space 0, times 0
[ 1260.144616] CPU: 0 PID: 14079 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1260.145969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1260.147604] Call Trace:
[ 1260.148130]  dump_stack+0x107/0x167
[ 1260.148855]  should_fail.cold+0x5/0xa
[ 1260.149608]  ? create_object.isra.0+0x3a/0xa20
[ 1260.150531]  should_failslab+0x5/0x20
[ 1260.151288]  kmem_cache_alloc+0x5b/0x310
[ 1260.152094]  create_object.isra.0+0x3a/0xa20
[ 1260.152961]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1260.153966]  kmem_cache_alloc+0x159/0x310
[ 1260.154804]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1260.155907]  idr_get_free+0x4b5/0x8f0
[ 1260.156651]  idr_alloc_u32+0x170/0x2d0
[ 1260.157416]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1260.158368]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1260.159422]  ? lock_release+0x680/0x680
[ 1260.160206]  idr_alloc+0xc2/0x130
[ 1260.160884]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1260.161674]  ? rwlock_bug.part.0+0x90/0x90
[ 1260.162525]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1260.163540]  p9_client_rpc+0x220/0x1370
[ 1260.164321]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1260.165356]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1260.166402]  ? pipe_poll+0x21b/0x800
[ 1260.167125]  ? p9_fd_close+0x4a0/0x4a0
[ 1260.167887]  ? wait_for_partner+0x3c0/0x3c0
[ 1260.168727]  ? p9_fd_poll+0x1e0/0x2c0
[ 1260.169466]  ? p9_fd_create+0x357/0x4a0
[ 1260.170232]  ? p9_conn_create+0x510/0x510
[ 1260.171043]  ? p9_client_create+0x798/0x1230
[ 1260.171893]  ? kfree+0xd7/0x340
[ 1260.172539]  ? do_raw_spin_unlock+0x4f/0x220
[ 1260.173402]  p9_client_create+0xa76/0x1230
[ 1260.174234]  ? p9_client_flush+0x430/0x430
[ 1260.175070]  ? trace_hardirqs_on+0x5b/0x180
[ 1260.175910]  ? lockdep_init_map_type+0x2c7/0x780
08:24:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x1100, 0x0, &(0x7f0000000180))

[ 1260.176825]  ? __raw_spin_lock_init+0x36/0x110
[ 1260.177908]  v9fs_session_init+0x1dd/0x1680
[ 1260.178758]  ? lock_release+0x680/0x680
[ 1260.179539]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1260.180476]  ? v9fs_show_options+0x690/0x690
[ 1260.181343]  ? trace_hardirqs_on+0x5b/0x180
[ 1260.182195]  ? kasan_unpoison_shadow+0x33/0x50
[ 1260.183099]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1260.184086]  v9fs_mount+0x79/0x8f0
[ 1260.184780]  ? v9fs_write_inode+0x60/0x60
[ 1260.185606]  legacy_get_tree+0x105/0x220
[ 1260.186390]  vfs_get_tree+0x8e/0x300
[ 1260.187112]  path_mount+0x1429/0x2120
[ 1260.187848]  ? strncpy_from_user+0x9e/0x470
[ 1260.188676]  ? finish_automount+0xa90/0xa90
[ 1260.189508]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1260.190407]  ? _copy_from_user+0xfb/0x1b0
[ 1260.191216]  __x64_sys_mount+0x282/0x300
[ 1260.191999]  ? copy_mnt_ns+0xa00/0xa00
[ 1260.192765]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1260.193774]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1260.194775]  do_syscall_64+0x33/0x40
[ 1260.195487]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1260.196473] RIP: 0033:0x7fd019574b19
[ 1260.197190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1260.200750] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1260.202221] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1260.203597] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1260.204982] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1260.206345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1260.207700] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1260.232910] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=14246 comm=syz-executor.0
08:24:27 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:27 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xffffff8c, 0x0, &(0x7f0000000180))

08:24:27 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6800, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:27 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:24:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x5450, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2c00, 0x0, &(0x7f0000000180))

[ 1260.444706] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=14289 comm=syz-executor.0
08:24:27 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 46)

08:24:27 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:27 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xfffffffe, 0x0, &(0x7f0000000180))

08:24:27 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:27 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xe0ffff00000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x5451, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:27 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4000, 0x0, &(0x7f0000000180))

08:24:27 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x1000000000000, 0x0, &(0x7f0000000180))

[ 1260.589425] FAULT_INJECTION: forcing a failure.
[ 1260.589425] name failslab, interval 1, probability 0, space 0, times 0
[ 1260.591104] CPU: 0 PID: 14584 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1260.592129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1260.593358] Call Trace:
[ 1260.593751]  dump_stack+0x107/0x167
[ 1260.594287]  should_fail.cold+0x5/0xa
[ 1260.594854]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1260.595713]  should_failslab+0x5/0x20
[ 1260.596271]  kmem_cache_alloc+0x5b/0x310
[ 1260.596871]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1260.597696]  idr_get_free+0x4b5/0x8f0
[ 1260.598268]  idr_alloc_u32+0x170/0x2d0
[ 1260.598842]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1260.599543]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1260.600324]  ? lock_release+0x680/0x680
[ 1260.600914]  idr_alloc+0xc2/0x130
[ 1260.601426]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1260.602036]  ? rwlock_bug.part.0+0x90/0x90
[ 1260.602666]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1260.603420]  p9_client_rpc+0x220/0x1370
[ 1260.603996]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1260.604767]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1260.605547]  ? pipe_poll+0x21b/0x800
[ 1260.606090]  ? p9_fd_close+0x4a0/0x4a0
[ 1260.606662]  ? wait_for_partner+0x3c0/0x3c0
[ 1260.607291]  ? p9_fd_poll+0x1e0/0x2c0
[ 1260.607857]  ? p9_fd_create+0x357/0x4a0
[ 1260.608430]  ? p9_conn_create+0x510/0x510
[ 1260.609039]  ? p9_client_create+0x798/0x1230
[ 1260.609670]  ? kfree+0xd7/0x340
[ 1260.610138]  ? do_raw_spin_unlock+0x4f/0x220
[ 1260.610785]  p9_client_create+0xa76/0x1230
[ 1260.611394]  ? p9_client_flush+0x430/0x430
[ 1260.612014]  ? trace_hardirqs_on+0x5b/0x180
[ 1260.612637]  ? lockdep_init_map_type+0x2c7/0x780
[ 1260.613326]  ? __raw_spin_lock_init+0x36/0x110
[ 1260.613987]  v9fs_session_init+0x1dd/0x1680
[ 1260.614609]  ? lock_release+0x680/0x680
[ 1260.615200]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1260.615896]  ? v9fs_show_options+0x690/0x690
[ 1260.616538]  ? trace_hardirqs_on+0x5b/0x180
[ 1260.617161]  ? kasan_unpoison_shadow+0x33/0x50
[ 1260.617820]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1260.618554]  v9fs_mount+0x79/0x8f0
[ 1260.619062]  ? v9fs_write_inode+0x60/0x60
[ 1260.619657]  legacy_get_tree+0x105/0x220
[ 1260.620243]  vfs_get_tree+0x8e/0x300
[ 1260.620778]  path_mount+0x1429/0x2120
[ 1260.621332]  ? strncpy_from_user+0x9e/0x470
[ 1260.621950]  ? finish_automount+0xa90/0xa90
[ 1260.622585]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1260.623251]  ? _copy_from_user+0xfb/0x1b0
[ 1260.623850]  __x64_sys_mount+0x282/0x300
[ 1260.624424]  ? copy_mnt_ns+0xa00/0xa00
[ 1260.624980]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1260.625724]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1260.626459]  do_syscall_64+0x33/0x40
[ 1260.627008]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1260.627730] RIP: 0033:0x7fd019574b19
[ 1260.628263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1260.630885] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1260.631969] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1260.632989] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1260.634014] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1260.635027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1260.636046] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:24:41 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 47)

08:24:41 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x5452, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:41 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:24:41 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4800, 0x0, &(0x7f0000000180))

08:24:41 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:41 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7400, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:41 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x2000000000000, 0x0, &(0x7f0000000180))

[ 1274.539115] FAULT_INJECTION: forcing a failure.
[ 1274.539115] name failslab, interval 1, probability 0, space 0, times 0
[ 1274.541512] CPU: 1 PID: 14742 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1274.542971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1274.544721] Call Trace:
[ 1274.545280]  dump_stack+0x107/0x167
[ 1274.546044]  should_fail.cold+0x5/0xa
[ 1274.546854]  ? create_object.isra.0+0x3a/0xa20
[ 1274.547821]  should_failslab+0x5/0x20
[ 1274.548625]  kmem_cache_alloc+0x5b/0x310
[ 1274.549486]  create_object.isra.0+0x3a/0xa20
[ 1274.550406]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1274.551479]  kmem_cache_alloc+0x159/0x310
[ 1274.552361]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1274.553558]  idr_get_free+0x4b5/0x8f0
[ 1274.554353]  idr_alloc_u32+0x170/0x2d0
[ 1274.555191]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1274.556215]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1274.557358]  ? lock_release+0x680/0x680
[ 1274.558194]  idr_alloc+0xc2/0x130
[ 1274.558937]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1274.559783]  ? rwlock_bug.part.0+0x90/0x90
[ 1274.560699]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1274.561790]  p9_client_rpc+0x220/0x1370
[ 1274.562623]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1274.563741]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1274.564856]  ? pipe_poll+0x21b/0x800
[ 1274.565643]  ? p9_fd_close+0x4a0/0x4a0
[ 1274.566460]  ? wait_for_partner+0x3c0/0x3c0
[ 1274.567367]  ? p9_fd_poll+0x1e0/0x2c0
[ 1274.568174]  ? p9_fd_create+0x357/0x4a0
[ 1274.568999]  ? p9_conn_create+0x510/0x510
[ 1274.569865]  ? p9_client_create+0x798/0x1230
[ 1274.570778]  ? kfree+0xd7/0x340
[ 1274.571473]  ? do_raw_spin_unlock+0x4f/0x220
[ 1274.572405]  p9_client_create+0xa76/0x1230
[ 1274.573310]  ? p9_client_flush+0x430/0x430
[ 1274.574202]  ? trace_hardirqs_on+0x5b/0x180
[ 1274.575122]  ? lockdep_init_map_type+0x2c7/0x780
[ 1274.576122]  ? __raw_spin_lock_init+0x36/0x110
[ 1274.577087]  v9fs_session_init+0x1dd/0x1680
[ 1274.577998]  ? lock_release+0x680/0x680
[ 1274.578849]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1274.579870]  ? v9fs_show_options+0x690/0x690
[ 1274.580796]  ? trace_hardirqs_on+0x5b/0x180
[ 1274.581704]  ? kasan_unpoison_shadow+0x33/0x50
[ 1274.582670]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1274.583711] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=14748 comm=syz-executor.0
[ 1274.583748]  v9fs_mount+0x79/0x8f0
[ 1274.588138]  ? v9fs_write_inode+0x60/0x60
[ 1274.589026]  legacy_get_tree+0x105/0x220
[ 1274.589875]  vfs_get_tree+0x8e/0x300
[ 1274.590649]  path_mount+0x1429/0x2120
[ 1274.591456]  ? strncpy_from_user+0x9e/0x470
[ 1274.592354]  ? finish_automount+0xa90/0xa90
[ 1274.593264]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1274.594244]  ? _copy_from_user+0xfb/0x1b0
[ 1274.595124]  __x64_sys_mount+0x282/0x300
[ 1274.595970]  ? copy_mnt_ns+0xa00/0xa00
[ 1274.596804]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1274.597912]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1274.599003]  do_syscall_64+0x33/0x40
[ 1274.599790]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1274.600861] RIP: 0033:0x7fd019574b19
[ 1274.601638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1274.605452] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1274.607053] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1274.608559] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1274.610046] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1274.611543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1274.613040] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:24:41 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x100000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:42 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="00000000000004002e2f66696c653100"])
r3 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1274.909561] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=15064 comm=syz-executor.0
08:24:56 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a00, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:56 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 48)

08:24:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:24:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4c00, 0x0, &(0x7f0000000180))

08:24:56 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x200000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x5460, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:56 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:24:56 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x100000000000000, 0x0, &(0x7f0000000180))

[ 1289.649104] FAULT_INJECTION: forcing a failure.
[ 1289.649104] name failslab, interval 1, probability 0, space 0, times 0
[ 1289.651749] CPU: 1 PID: 15098 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1289.653228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1289.655008] Call Trace:
[ 1289.655576]  dump_stack+0x107/0x167
[ 1289.656358]  should_fail.cold+0x5/0xa
[ 1289.657169]  ? p9pdu_readf+0xadb/0x1d40
[ 1289.658018]  should_failslab+0x5/0x20
[ 1289.658819]  __kmalloc+0x72/0x390
[ 1289.659580]  p9pdu_readf+0xadb/0x1d40
[ 1289.660398]  ? pipe_poll+0x21b/0x800
[ 1289.661186]  ? p9pdu_writef+0x100/0x100
[ 1289.662033]  ? p9_fd_poll+0x1e0/0x2c0
[ 1289.662850]  ? p9_fd_create+0x357/0x4a0
[ 1289.663709]  ? p9_conn_create+0x510/0x510
[ 1289.664592]  ? p9_client_create+0x798/0x1230
[ 1289.665538]  ? kfree+0xd7/0x340
[ 1289.666237]  ? do_raw_spin_unlock+0x4f/0x220
[ 1289.667198]  p9_client_create+0xaee/0x1230
[ 1289.668109]  ? p9_client_flush+0x430/0x430
[ 1289.669012]  ? trace_hardirqs_on+0x5b/0x180
[ 1289.669943]  ? lockdep_init_map_type+0x2c7/0x780
[ 1289.670961]  ? __raw_spin_lock_init+0x36/0x110
[ 1289.671941]  v9fs_session_init+0x1dd/0x1680
[ 1289.672865]  ? lock_release+0x680/0x680
[ 1289.674327]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1289.675371]  ? v9fs_show_options+0x690/0x690
[ 1289.676317]  ? trace_hardirqs_on+0x5b/0x180
[ 1289.677233]  ? kasan_unpoison_shadow+0x33/0x50
[ 1289.678204]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1289.679309]  v9fs_mount+0x79/0x8f0
[ 1289.680069]  ? v9fs_write_inode+0x60/0x60
[ 1289.680955]  legacy_get_tree+0x105/0x220
[ 1289.681820]  vfs_get_tree+0x8e/0x300
[ 1289.682617]  path_mount+0x1429/0x2120
[ 1289.683443]  ? strncpy_from_user+0x9e/0x470
[ 1289.684341]  ? finish_automount+0xa90/0xa90
[ 1289.685247]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1289.686222]  ? _copy_from_user+0xfb/0x1b0
[ 1289.686286] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=15100 comm=syz-executor.0
[ 1289.687113]  __x64_sys_mount+0x282/0x300
[ 1289.687135]  ? copy_mnt_ns+0xa00/0xa00
[ 1289.687158]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1289.687179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1289.687202]  do_syscall_64+0x33/0x40
[ 1289.687225]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1289.687239] RIP: 0033:0x7fd019574b19
[ 1289.687259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1289.687269] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1289.687294] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1289.687319] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1289.706905] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1289.708663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1289.710338] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:24:56 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6800, 0x0, &(0x7f0000000180))

08:24:57 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97ef, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:57 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x300000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:57 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x200000000000000, 0x0, &(0x7f0000000180))

08:24:57 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:24:57 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x40049409, &(0x7f0000000000)={'veth0_vlan\x00'})

08:24:57 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6c00, 0x0, &(0x7f0000000180))

08:24:57 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 49)

08:24:57 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1290.060084] FAULT_INJECTION: forcing a failure.
[ 1290.060084] name failslab, interval 1, probability 0, space 0, times 0
[ 1290.062611] CPU: 1 PID: 15377 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1290.064074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1290.065863] Call Trace:
[ 1290.066423]  dump_stack+0x107/0x167
[ 1290.067218]  should_fail.cold+0x5/0xa
[ 1290.068041]  ? create_object.isra.0+0x3a/0xa20
[ 1290.069023]  should_failslab+0x5/0x20
[ 1290.069838]  kmem_cache_alloc+0x5b/0x310
[ 1290.070706]  create_object.isra.0+0x3a/0xa20
[ 1290.071653]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1290.072739]  __kmalloc+0x16e/0x390
[ 1290.073511]  p9pdu_readf+0xadb/0x1d40
[ 1290.074333]  ? pipe_poll+0x21b/0x800
[ 1290.075124]  ? p9pdu_writef+0x100/0x100
[ 1290.075970]  ? p9_fd_poll+0x1e0/0x2c0
[ 1290.076786]  ? p9_fd_create+0x357/0x4a0
[ 1290.077630]  ? p9_conn_create+0x510/0x510
[ 1290.078512]  ? p9_client_create+0x798/0x1230
[ 1290.079441]  ? kfree+0xd7/0x340
[ 1290.080142]  ? do_raw_spin_unlock+0x4f/0x220
[ 1290.081068]  p9_client_create+0xaee/0x1230
[ 1290.081978]  ? p9_client_flush+0x430/0x430
[ 1290.082871]  ? trace_hardirqs_on+0x5b/0x180
[ 1290.083779]  ? lockdep_init_map_type+0x2c7/0x780
[ 1290.084771]  ? __raw_spin_lock_init+0x36/0x110
[ 1290.085767]  v9fs_session_init+0x1dd/0x1680
[ 1290.086671]  ? lock_release+0x680/0x680
[ 1290.087550]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1290.088594]  ? v9fs_show_options+0x690/0x690
[ 1290.089550]  ? trace_hardirqs_on+0x5b/0x180
[ 1290.090485]  ? kasan_unpoison_shadow+0x33/0x50
[ 1290.091485]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1290.092591]  v9fs_mount+0x79/0x8f0
[ 1290.093495]  ? v9fs_write_inode+0x60/0x60
[ 1290.094565]  legacy_get_tree+0x105/0x220
[ 1290.095553]  vfs_get_tree+0x8e/0x300
[ 1290.096370]  path_mount+0x1429/0x2120
[ 1290.097221]  ? strncpy_from_user+0x9e/0x470
[ 1290.098293]  ? finish_automount+0xa90/0xa90
[ 1290.099339]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1290.100437]  ? _copy_from_user+0xfb/0x1b0
[ 1290.101414]  __x64_sys_mount+0x282/0x300
[ 1290.102368]  ? copy_mnt_ns+0xa00/0xa00
[ 1290.103300]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1290.104553]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1290.105769]  do_syscall_64+0x33/0x40
[ 1290.106647]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1290.107771] RIP: 0033:0x7fd019574b19
[ 1290.108582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1290.112151] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=15404 comm=syz-executor.0
[ 1290.112428] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1290.116564] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1290.118062] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1290.119556] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1290.121042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1290.122677] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:24:57 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7400, 0x0, &(0x7f0000000180))

08:24:57 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:57 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x400000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:24:57 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x300000000000000, 0x0, &(0x7f0000000180))

08:25:13 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x400000000000000, 0x0, &(0x7f0000000180))

08:25:13 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f1, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:13 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:13 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x40086602, &(0x7f0000000000)={'veth0_vlan\x00'})

08:25:13 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7a00, 0x0, &(0x7f0000000180))

08:25:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:25:13 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 50)

08:25:13 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x500000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1305.913404] FAULT_INJECTION: forcing a failure.
[ 1305.913404] name failslab, interval 1, probability 0, space 0, times 0
[ 1305.914885] CPU: 1 PID: 15769 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1305.915775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1305.916713] Call Trace:
[ 1305.917018]  dump_stack+0x107/0x167
[ 1305.917437]  should_fail.cold+0x5/0xa
[ 1305.917883]  should_failslab+0x5/0x20
[ 1305.918366]  __kmalloc_track_caller+0x79/0x370
[ 1305.918934]  ? kasprintf+0xbb/0xf0
[ 1305.919405]  ? __delete_object+0xb3/0x100
[ 1305.919926]  kvasprintf+0xb5/0x150
[ 1305.920376]  ? bust_spinlocks+0xe0/0xe0
[ 1305.920874]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1305.921541]  kasprintf+0xbb/0xf0
[ 1305.921960]  ? kvasprintf_const+0x1a0/0x1a0
[ 1305.922496]  ? kmem_cache_free+0x249/0x2d0
[ 1305.923054]  ? p9_client_create+0xbfa/0x1230
[ 1305.923620]  p9_client_create+0xc1b/0x1230
[ 1305.924175]  ? p9_client_flush+0x430/0x430
[ 1305.924723]  ? trace_hardirqs_on+0x5b/0x180
[ 1305.925281]  ? lockdep_init_map_type+0x2c7/0x780
[ 1305.925888]  ? __raw_spin_lock_init+0x36/0x110
[ 1305.926473]  v9fs_session_init+0x1dd/0x1680
[ 1305.927037]  ? lock_release+0x680/0x680
[ 1305.927552]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1305.928114]  ? v9fs_show_options+0x690/0x690
[ 1305.928625]  ? trace_hardirqs_on+0x5b/0x180
[ 1305.929182]  ? kasan_unpoison_shadow+0x33/0x50
[ 1305.929811]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1305.930488]  v9fs_mount+0x79/0x8f0
[ 1305.930964]  ? v9fs_write_inode+0x60/0x60
[ 1305.931541]  legacy_get_tree+0x105/0x220
[ 1305.932112]  vfs_get_tree+0x8e/0x300
[ 1305.932623]  path_mount+0x1429/0x2120
[ 1305.933161]  ? strncpy_from_user+0x9e/0x470
[ 1305.933761]  ? finish_automount+0xa90/0xa90
[ 1305.934364]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1305.935023]  ? _copy_from_user+0xfb/0x1b0
[ 1305.935611]  __x64_sys_mount+0x282/0x300
[ 1305.936174]  ? copy_mnt_ns+0xa00/0xa00
[ 1305.936726]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1305.937458]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1305.938189]  do_syscall_64+0x33/0x40
[ 1305.938707]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1305.939436] RIP: 0033:0x7fd019574b19
[ 1305.939962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1305.942528] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1305.943636] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1305.944551] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1305.945376] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1305.946182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1305.946999] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:25:13 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x8004, 0x0, &(0x7f0000000180))

[ 1305.976252] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=15791 comm=syz-executor.0
08:25:13 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:13 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:13 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x500000000000000, 0x0, &(0x7f0000000180))

08:25:13 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:35 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x600000000000000, 0x0, &(0x7f0000000180))

08:25:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x600000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:35 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:35 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x40087602, &(0x7f0000000000)={'veth0_vlan\x00'})

08:25:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xf002, 0x0, &(0x7f0000000180))

08:25:35 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 51)

08:25:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:25:35 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f3, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1327.874647] FAULT_INJECTION: forcing a failure.
[ 1327.874647] name failslab, interval 1, probability 0, space 0, times 0
[ 1327.877206] CPU: 0 PID: 16118 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1327.878674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1327.880438] Call Trace:
[ 1327.881006]  dump_stack+0x107/0x167
[ 1327.881780]  should_fail.cold+0x5/0xa
[ 1327.882587]  ? create_object.isra.0+0x3a/0xa20
[ 1327.883582]  should_failslab+0x5/0x20
[ 1327.884401]  kmem_cache_alloc+0x5b/0x310
[ 1327.885259]  ? vsnprintf+0x4ba/0x1600
[ 1327.886063]  create_object.isra.0+0x3a/0xa20
[ 1327.886984]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1327.888078]  __kmalloc_track_caller+0x177/0x370
[ 1327.889051]  ? kasprintf+0xbb/0xf0
[ 1327.889803]  kvasprintf+0xb5/0x150
[ 1327.890551]  ? bust_spinlocks+0xe0/0xe0
[ 1327.891401]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1327.892515]  kasprintf+0xbb/0xf0
[ 1327.893228]  ? kvasprintf_const+0x1a0/0x1a0
[ 1327.894142]  ? kmem_cache_free+0x249/0x2d0
[ 1327.895047]  ? p9_client_create+0xbfa/0x1230
[ 1327.895981]  p9_client_create+0xc1b/0x1230
[ 1327.896880]  ? p9_client_flush+0x430/0x430
[ 1327.897769]  ? trace_hardirqs_on+0x5b/0x180
[ 1327.898709]  ? lockdep_init_map_type+0x2c7/0x780
[ 1327.899725]  ? __raw_spin_lock_init+0x36/0x110
[ 1327.900689]  v9fs_session_init+0x1dd/0x1680
[ 1327.901596]  ? lock_release+0x680/0x680
[ 1327.902441]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1327.903478]  ? v9fs_show_options+0x690/0x690
[ 1327.904426]  ? trace_hardirqs_on+0x5b/0x180
[ 1327.905207] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=16126 comm=syz-executor.0
[ 1327.905336]  ? kasan_unpoison_shadow+0x33/0x50
[ 1327.908844]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1327.909924]  v9fs_mount+0x79/0x8f0
[ 1327.910676]  ? v9fs_write_inode+0x60/0x60
[ 1327.911557]  legacy_get_tree+0x105/0x220
[ 1327.912411]  vfs_get_tree+0x8e/0x300
[ 1327.913198]  path_mount+0x1429/0x2120
[ 1327.914005]  ? strncpy_from_user+0x9e/0x470
[ 1327.914910]  ? finish_automount+0xa90/0xa90
[ 1327.915830]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1327.916809]  ? _copy_from_user+0xfb/0x1b0
[ 1327.917685]  __x64_sys_mount+0x282/0x300
[ 1327.918533]  ? copy_mnt_ns+0xa00/0xa00
[ 1327.919372]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1327.920474]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1327.921559]  do_syscall_64+0x33/0x40
[ 1327.922338]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1327.923423] RIP: 0033:0x7fd019574b19
[ 1327.924202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1327.928108] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1327.929716] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1327.931214] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1327.932726] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1327.934233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1327.935762] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:25:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x20000, 0x0, &(0x7f0000000180))

08:25:35 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xacf4ac9b71142221, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:25:35 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x700000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:35 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x4020940d, &(0x7f0000000000)={'veth0_vlan\x00'})

08:25:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x1000000, 0x0, &(0x7f0000000180))

08:25:35 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f4, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:35 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x601000000000000, 0x0, &(0x7f0000000180))

[ 1328.201127] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=16340 comm=syz-executor.0
08:25:35 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2000000, 0x0, &(0x7f0000000180))

08:25:48 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x700000000000000, 0x0, &(0x7f0000000180))

08:25:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:25:48 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x3000000, 0x0, &(0x7f0000000180))

08:25:48 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x800000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:25:48 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 52)

08:25:48 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7681b961}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:48 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x80086601, &(0x7f0000000000)={'veth0_vlan\x00'})

08:25:48 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f5, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1341.293438] FAULT_INJECTION: forcing a failure.
[ 1341.293438] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.296224] CPU: 1 PID: 16579 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1341.297692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1341.299462] Call Trace:
[ 1341.300053]  dump_stack+0x107/0x167
[ 1341.300830]  should_fail.cold+0x5/0xa
[ 1341.301640]  should_failslab+0x5/0x20
[ 1341.302462]  __kmalloc_track_caller+0x79/0x370
[ 1341.303447]  ? kstrdup_const+0x53/0x80
[ 1341.304292]  ? kasprintf+0xbb/0xf0
[ 1341.305058]  kstrdup+0x36/0x70
[ 1341.305744]  kstrdup_const+0x53/0x80
[ 1341.306544]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 1341.307626]  p9_client_create+0xc6a/0x1230
[ 1341.308549]  ? p9_client_flush+0x430/0x430
[ 1341.309448]  ? trace_hardirqs_on+0x5b/0x180
[ 1341.310369]  ? lockdep_init_map_type+0x2c7/0x780
[ 1341.311382]  ? __raw_spin_lock_init+0x36/0x110
[ 1341.312385]  v9fs_session_init+0x1dd/0x1680
[ 1341.313302]  ? lock_release+0x680/0x680
[ 1341.314161]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1341.315184]  ? v9fs_show_options+0x690/0x690
[ 1341.316161]  ? trace_hardirqs_on+0x5b/0x180
[ 1341.317078]  ? kasan_unpoison_shadow+0x33/0x50
[ 1341.318038]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1341.319111]  v9fs_mount+0x79/0x8f0
[ 1341.319890]  ? v9fs_write_inode+0x60/0x60
[ 1341.320766]  legacy_get_tree+0x105/0x220
[ 1341.321621]  vfs_get_tree+0x8e/0x300
[ 1341.322410]  path_mount+0x1429/0x2120
[ 1341.323232]  ? strncpy_from_user+0x9e/0x470
[ 1341.324172]  ? finish_automount+0xa90/0xa90
[ 1341.325095]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1341.326084]  ? _copy_from_user+0xfb/0x1b0
[ 1341.326974]  __x64_sys_mount+0x282/0x300
[ 1341.327846]  ? copy_mnt_ns+0xa00/0xa00
[ 1341.328436]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
08:25:48 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f6, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1341.329150]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1341.330027]  do_syscall_64+0x33/0x40
[ 1341.330614]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1341.331367] RIP: 0033:0x7fd019574b19
[ 1341.331931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1341.334564] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
08:25:48 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4000000, 0x0, &(0x7f0000000180))

[ 1341.335756] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1341.336832] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1341.337892] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1341.338942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1341.339987] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1341.342055] kmem_cache_create(9p-fcall-cache-119) failed with error -12
[ 1341.343164] CPU: 1 PID: 16579 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1341.344178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1341.345415] Call Trace:
[ 1341.345803]  dump_stack+0x107/0x167
[ 1341.346368]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1341.347145]  p9_client_create+0xc6a/0x1230
[ 1341.347794]  ? p9_client_flush+0x430/0x430
[ 1341.348424]  ? trace_hardirqs_on+0x5b/0x180
[ 1341.349093]  ? lockdep_init_map_type+0x2c7/0x780
[ 1341.349798]  ? __raw_spin_lock_init+0x36/0x110
[ 1341.350476]  v9fs_session_init+0x1dd/0x1680
[ 1341.351114]  ? lock_release+0x680/0x680
[ 1341.351727]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1341.352436]  ? v9fs_show_options+0x690/0x690
[ 1341.353102]  ? trace_hardirqs_on+0x5b/0x180
[ 1341.353763]  ? kasan_unpoison_shadow+0x33/0x50
[ 1341.354455]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1341.355209]  v9fs_mount+0x79/0x8f0
[ 1341.355748]  ? v9fs_write_inode+0x60/0x60
[ 1341.356385]  legacy_get_tree+0x105/0x220
[ 1341.356990]  vfs_get_tree+0x8e/0x300
[ 1341.357569]  path_mount+0x1429/0x2120
[ 1341.358151]  ? strncpy_from_user+0x9e/0x470
[ 1341.358788]  ? finish_automount+0xa90/0xa90
[ 1341.359418]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1341.360687]  ? _copy_from_user+0xfb/0x1b0
[ 1341.361751]  __x64_sys_mount+0x282/0x300
[ 1341.362791]  ? copy_mnt_ns+0xa00/0xa00
[ 1341.363816]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1341.365000]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1341.366160]  do_syscall_64+0x33/0x40
[ 1341.366994]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1341.368156] RIP: 0033:0x7fd019574b19
[ 1341.368993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1341.373139] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1341.374849] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1341.376455] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1341.378058] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1341.379657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1341.381259] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1341.395723] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=16597 comm=syz-executor.0
08:25:48 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:25:48 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x80087601, &(0x7f0000000000)={'veth0_vlan\x00'})

08:25:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1341.539600] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=16910 comm=syz-executor.0
08:26:03 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0xc0045878, &(0x7f0000000000)={'veth0_vlan\x00'})

08:26:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x5000000, 0x0, &(0x7f0000000180))

08:26:03 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:03 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x900000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:03 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f7, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:03 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xa00000000000000, 0x0, &(0x7f0000000180))

08:26:03 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 53)

08:26:03 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1356.488448] FAULT_INJECTION: forcing a failure.
[ 1356.488448] name failslab, interval 1, probability 0, space 0, times 0
[ 1356.491002] CPU: 0 PID: 16932 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1356.492461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1356.494156] Call Trace:
[ 1356.494732]  dump_stack+0x107/0x167
[ 1356.495451]  should_fail.cold+0x5/0xa
[ 1356.496279]  ? create_object.isra.0+0x3a/0xa20
[ 1356.497275]  should_failslab+0x5/0x20
[ 1356.498110]  kmem_cache_alloc+0x5b/0x310
[ 1356.498906]  ? lock_acquire+0x197/0x470
[ 1356.499797]  create_object.isra.0+0x3a/0xa20
[ 1356.500739]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1356.501865]  __kmalloc_track_caller+0x177/0x370
[ 1356.502868]  ? kstrdup_const+0x53/0x80
[ 1356.503702]  ? kasprintf+0xbb/0xf0
[ 1356.504491]  kstrdup+0x36/0x70
[ 1356.505134]  kstrdup_const+0x53/0x80
[ 1356.505867]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 1356.506845]  p9_client_create+0xc6a/0x1230
[ 1356.507790]  ? p9_client_flush+0x430/0x430
[ 1356.508695]  ? trace_hardirqs_on+0x5b/0x180
[ 1356.509537]  ? lockdep_init_map_type+0x2c7/0x780
[ 1356.510564]  ? __raw_spin_lock_init+0x36/0x110
[ 1356.511479]  v9fs_session_init+0x1dd/0x1680
[ 1356.512371]  ? lock_release+0x680/0x680
[ 1356.513152]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1356.514116]  ? v9fs_show_options+0x690/0x690
[ 1356.515036]  ? trace_hardirqs_on+0x5b/0x180
[ 1356.515923]  ? kasan_unpoison_shadow+0x33/0x50
[ 1356.516881]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1356.517973]  v9fs_mount+0x79/0x8f0
[ 1356.518751]  ? v9fs_write_inode+0x60/0x60
[ 1356.519640]  legacy_get_tree+0x105/0x220
[ 1356.520445]  vfs_get_tree+0x8e/0x300
[ 1356.521235]  path_mount+0x1429/0x2120
[ 1356.522011]  ? strncpy_from_user+0x9e/0x470
[ 1356.522903]  ? finish_automount+0xa90/0xa90
[ 1356.523752]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1356.524634]  ? _copy_from_user+0xfb/0x1b0
[ 1356.525450]  __x64_sys_mount+0x282/0x300
[ 1356.526275]  ? copy_mnt_ns+0xa00/0xa00
[ 1356.527067]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1356.528181]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1356.529152]  do_syscall_64+0x33/0x40
[ 1356.529865]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1356.530500] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=16942 comm=syz-executor.0
[ 1356.530835] RIP: 0033:0x7fd019574b19
[ 1356.534163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1356.537652] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1356.539095] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1356.540429] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1356.541769] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1356.543134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1356.544495] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:26:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6000000, 0x0, &(0x7f0000000180))

08:26:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7000000, 0x0, &(0x7f0000000180))

08:26:03 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xa000000, 0x0, &(0x7f0000000180))

08:26:03 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1356.755820] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17163 comm=syz-executor.0
08:26:04 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0xc0045878, &(0x7f0000000000)={'veth0_vlan\x00'})

08:26:04 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xf000000, 0x0, &(0x7f0000000180))

08:26:04 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xa00000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:04 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f8, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:04 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4000000000000000, 0x0, &(0x7f0000000180))

08:26:04 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 54)

08:26:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:04 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x10000000, 0x0, &(0x7f0000000180))

[ 1356.924454] FAULT_INJECTION: forcing a failure.
[ 1356.924454] name failslab, interval 1, probability 0, space 0, times 0
[ 1356.924695] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17242 comm=syz-executor.0
[ 1356.927093] CPU: 1 PID: 17224 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1356.927110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1356.932190] Call Trace:
[ 1356.932761]  dump_stack+0x107/0x167
[ 1356.933545]  should_fail.cold+0x5/0xa
[ 1356.934385]  ? create_object.isra.0+0x3a/0xa20
[ 1356.935377]  should_failslab+0x5/0x20
[ 1356.936219]  kmem_cache_alloc+0x5b/0x310
[ 1356.937103]  create_object.isra.0+0x3a/0xa20
[ 1356.938063]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1356.939165]  kmem_cache_alloc+0x159/0x310
[ 1356.940080]  kmem_cache_create_usercopy+0x190/0x2f0
[ 1356.941209]  p9_client_create+0xc6a/0x1230
[ 1356.942131]  ? p9_client_flush+0x430/0x430
[ 1356.943039]  ? trace_hardirqs_on+0x5b/0x180
[ 1356.943973]  ? lockdep_init_map_type+0x2c7/0x780
[ 1356.944992]  ? __raw_spin_lock_init+0x36/0x110
[ 1356.945971]  v9fs_session_init+0x1dd/0x1680
[ 1356.946898]  ? lock_release+0x680/0x680
[ 1356.947766]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1356.948801]  ? v9fs_show_options+0x690/0x690
[ 1356.949757]  ? trace_hardirqs_on+0x5b/0x180
[ 1356.950683]  ? kasan_unpoison_shadow+0x33/0x50
[ 1356.951662]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1356.952760]  v9fs_mount+0x79/0x8f0
[ 1356.953516]  ? v9fs_write_inode+0x60/0x60
[ 1356.954402]  legacy_get_tree+0x105/0x220
[ 1356.955276]  vfs_get_tree+0x8e/0x300
[ 1356.956069]  path_mount+0x1429/0x2120
[ 1356.956887]  ? strncpy_from_user+0x9e/0x470
[ 1356.957807]  ? finish_automount+0xa90/0xa90
[ 1356.958720]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1356.959706]  ? _copy_from_user+0xfb/0x1b0
[ 1356.960586]  __x64_sys_mount+0x282/0x300
[ 1356.961438]  ? copy_mnt_ns+0xa00/0xa00
[ 1356.962268]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1356.963382]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1356.964481]  do_syscall_64+0x33/0x40
[ 1356.965275]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1356.966361] RIP: 0033:0x7fd019574b19
[ 1356.967151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1356.971045] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1356.972663] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1356.974167] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1356.975655] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1356.977143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1356.978640] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:26:18 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xb00000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:18 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:26:18 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 55)

08:26:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:18 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x11000000, 0x0, &(0x7f0000000180))

08:26:18 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0xc0189436, &(0x7f0000000000)={'veth0_vlan\x00'})

08:26:18 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4800000000000000, 0x0, &(0x7f0000000180))

08:26:18 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97f9, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1371.543869] FAULT_INJECTION: forcing a failure.
[ 1371.543869] name failslab, interval 1, probability 0, space 0, times 0
[ 1371.546706] CPU: 0 PID: 17435 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1371.548439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1371.550479] Call Trace:
[ 1371.551107]  dump_stack+0x107/0x167
[ 1371.551999]  should_fail.cold+0x5/0xa
[ 1371.552964]  ? __kmem_cache_create+0x10e/0x520
[ 1371.554088]  should_failslab+0x5/0x20
[ 1371.555055]  kmem_cache_alloc_node+0x55/0x330
[ 1371.556212]  __kmem_cache_create+0x10e/0x520
[ 1371.557309]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1371.558535]  p9_client_create+0xc6a/0x1230
[ 1371.559575]  ? p9_client_flush+0x430/0x430
[ 1371.560618]  ? trace_hardirqs_on+0x5b/0x180
[ 1371.561665]  ? lockdep_init_map_type+0x2c7/0x780
[ 1371.562842]  ? __raw_spin_lock_init+0x36/0x110
[ 1371.563984]  v9fs_session_init+0x1dd/0x1680
[ 1371.564990]  ? lock_release+0x680/0x680
[ 1371.565934]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1371.567085]  ? v9fs_show_options+0x690/0x690
[ 1371.568119]  ? trace_hardirqs_on+0x5b/0x180
[ 1371.569192]  ? kasan_unpoison_shadow+0x33/0x50
[ 1371.569872] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17404 comm=syz-executor.0
[ 1371.570288]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1371.570316]  v9fs_mount+0x79/0x8f0
[ 1371.570340]  ? v9fs_write_inode+0x60/0x60
[ 1371.570367]  legacy_get_tree+0x105/0x220
[ 1371.570392]  vfs_get_tree+0x8e/0x300
[ 1371.570416]  path_mount+0x1429/0x2120
[ 1371.570450]  ? strncpy_from_user+0x9e/0x470
[ 1371.580061]  ? finish_automount+0xa90/0xa90
[ 1371.581070]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1371.582195]  ? _copy_from_user+0xfb/0x1b0
[ 1371.583216]  __x64_sys_mount+0x282/0x300
[ 1371.584199]  ? copy_mnt_ns+0xa00/0xa00
[ 1371.585170]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1371.586430]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1371.587683]  do_syscall_64+0x33/0x40
[ 1371.588587]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1371.589836] RIP: 0033:0x7fd019574b19
[ 1371.590739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1371.595263] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1371.597196] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1371.598941] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1371.600831] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1371.602951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1371.604576] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1371.605993] kmem_cache_create(9p-fcall-cache-122) failed with error -22
[ 1371.607104] CPU: 0 PID: 17435 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1371.608243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1371.609578] Call Trace:
[ 1371.610004]  dump_stack+0x107/0x167
[ 1371.610591]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1371.611441]  p9_client_create+0xc6a/0x1230
[ 1371.612134]  ? p9_client_flush+0x430/0x430
[ 1371.612813]  ? trace_hardirqs_on+0x5b/0x180
[ 1371.613504]  ? lockdep_init_map_type+0x2c7/0x780
[ 1371.614278]  ? __raw_spin_lock_init+0x36/0x110
[ 1371.615013]  v9fs_session_init+0x1dd/0x1680
[ 1371.615703]  ? lock_release+0x680/0x680
[ 1371.616364]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1371.617131]  ? v9fs_show_options+0x690/0x690
[ 1371.617840]  ? trace_hardirqs_on+0x5b/0x180
[ 1371.618530]  ? kasan_unpoison_shadow+0x33/0x50
[ 1371.619261]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1371.620078]  v9fs_mount+0x79/0x8f0
[ 1371.620646]  ? v9fs_write_inode+0x60/0x60
[ 1371.621301]  legacy_get_tree+0x105/0x220
[ 1371.621951]  vfs_get_tree+0x8e/0x300
[ 1371.622535]  path_mount+0x1429/0x2120
[ 1371.623159]  ? strncpy_from_user+0x9e/0x470
[ 1371.623859]  ? finish_automount+0xa90/0xa90
[ 1371.624564]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1371.625296]  ? _copy_from_user+0xfb/0x1b0
[ 1371.625963]  __x64_sys_mount+0x282/0x300
[ 1371.626612]  ? copy_mnt_ns+0xa00/0xa00
[ 1371.627236]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1371.628088]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1371.628933]  do_syscall_64+0x33/0x40
[ 1371.629530]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1371.630345] RIP: 0033:0x7fd019574b19
[ 1371.630939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1371.634317] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1371.635689] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1371.636970] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1371.638274] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1371.639598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1371.640818] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:26:18 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x1000000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:18 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x2c000000, 0x0, &(0x7f0000000180))

08:26:18 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0xc020660b, &(0x7f0000000000)={'veth0_vlan\x00'})

08:26:18 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:26:19 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1371.844176] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17731 comm=syz-executor.0
08:26:34 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 56)

08:26:34 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97fa, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x40000000, 0x0, &(0x7f0000000180))

08:26:34 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x4c00000000000000, 0x0, &(0x7f0000000180))

08:26:34 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:26:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2000000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:34 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r2 = dup3(r0, r0, 0x0)
write$binfmt_elf32(r1, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x81, 0x9, 0x1, 0x5, 0x2, 0x0, 0x10000, 0x13b, 0x38, 0x36b, 0x1ff, 0x800, 0x20, 0x2, 0x6, 0x800, 0x78}, [{0x70000006, 0x9, 0x5, 0x7, 0xdf55, 0x1ff, 0x7f, 0x5}, {0x7, 0x4, 0x40, 0x9, 0xfffffffb, 0x101, 0x1, 0x30b7}], "8d46d7f725b566144d1e0c17b1eb01f6ea9c79caa86911d6c9e7809f5707de7a6ab32aee71d0834c1e7bdd141db5", ['\x00', '\x00', '\x00', '\x00']}, 0x4a6)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2)
syz_open_dev$vcsa(&(0x7f0000000040), 0x6eaf, 0x280000)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1387.167641] FAULT_INJECTION: forcing a failure.
[ 1387.167641] name failslab, interval 1, probability 0, space 0, times 0
[ 1387.170188] CPU: 0 PID: 17753 Comm: syz-executor.1 Not tainted 5.10.235 #1
08:26:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000001000000180000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1387.171619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1387.173502] Call Trace:
[ 1387.174053]  dump_stack+0x107/0x167
[ 1387.174803]  should_fail.cold+0x5/0xa
[ 1387.175598]  ? create_object.isra.0+0x3a/0xa20
[ 1387.176566]  should_failslab+0x5/0x20
[ 1387.177357]  kmem_cache_alloc+0x5b/0x310
[ 1387.178203]  create_object.isra.0+0x3a/0xa20
[ 1387.179103]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1387.180159]  kmem_cache_alloc_node+0x169/0x330
[ 1387.181119]  __kmem_cache_create+0x10e/0x520
[ 1387.182039]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1387.183080]  p9_client_create+0xc6a/0x1230
[ 1387.183971]  ? p9_client_flush+0x430/0x430
[ 1387.184848]  ? trace_hardirqs_on+0x5b/0x180
[ 1387.185748]  ? lockdep_init_map_type+0x2c7/0x780
[ 1387.186724]  ? __raw_spin_lock_init+0x36/0x110
[ 1387.187684]  v9fs_session_init+0x1dd/0x1680
[ 1387.188589]  ? lock_release+0x680/0x680
[ 1387.189430]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1387.190426]  ? v9fs_show_options+0x690/0x690
[ 1387.191343]  ? trace_hardirqs_on+0x5b/0x180
[ 1387.192264]  ? kasan_unpoison_shadow+0x33/0x50
[ 1387.193357]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1387.194423]  v9fs_mount+0x79/0x8f0
[ 1387.195154]  ? v9fs_write_inode+0x60/0x60
[ 1387.196021]  legacy_get_tree+0x105/0x220
[ 1387.196873]  vfs_get_tree+0x8e/0x300
[ 1387.197646]  path_mount+0x1429/0x2120
[ 1387.198443]  ? strncpy_from_user+0x9e/0x470
[ 1387.199345]  ? finish_automount+0xa90/0xa90
[ 1387.200248]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1387.201219]  ? _copy_from_user+0xfb/0x1b0
[ 1387.202071]  __x64_sys_mount+0x282/0x300
[ 1387.202913]  ? copy_mnt_ns+0xa00/0xa00
[ 1387.203720]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1387.204799]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1387.205848]  do_syscall_64+0x33/0x40
[ 1387.206619]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1387.207668] RIP: 0033:0x7fd019574b19
[ 1387.208443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1387.212205] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1387.213769] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1387.215257] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1387.216717] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1387.217860] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17763 comm=syz-executor.0
[ 1387.218174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1387.218187] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:26:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x48000000, 0x0, &(0x7f0000000180))

08:26:34 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:26:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000001000000180000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x2010000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:34 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97fb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:34 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7}, 0x7)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2, {0x9}}, './file0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000080)={'veth1_to_hsr\x00'})

08:26:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x4c000000, 0x0, &(0x7f0000000180))

08:26:34 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6800000000000000, 0x0, &(0x7f0000000180))

[ 1387.513276] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=17999 comm=syz-executor.0
08:26:34 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 57)

08:26:34 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:26:34 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x68000000, 0x0, &(0x7f0000000180))

08:26:34 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8304000000000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1387.651141] FAULT_INJECTION: forcing a failure.
[ 1387.651141] name failslab, interval 1, probability 0, space 0, times 0
[ 1387.653104] CPU: 0 PID: 18211 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1387.654235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1387.655577] Call Trace:
[ 1387.656037]  dump_stack+0x107/0x167
[ 1387.656626]  should_fail.cold+0x5/0xa
[ 1387.657259]  ? create_object.isra.0+0x3a/0xa20
[ 1387.658010]  should_failslab+0x5/0x20
[ 1387.658631]  kmem_cache_alloc+0x5b/0x310
[ 1387.659299]  create_object.isra.0+0x3a/0xa20
[ 1387.660044]  kmemleak_alloc_percpu+0xa0/0x100
[ 1387.660788]  pcpu_alloc+0x4e2/0x1240
[ 1387.661408]  __kmem_cache_create+0x35a/0x520
[ 1387.662124]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1387.662943]  p9_client_create+0xc6a/0x1230
[ 1387.663630]  ? p9_client_flush+0x430/0x430
[ 1387.664333]  ? trace_hardirqs_on+0x5b/0x180
[ 1387.665037]  ? lockdep_init_map_type+0x2c7/0x780
[ 1387.665795]  ? __raw_spin_lock_init+0x36/0x110
[ 1387.666548]  v9fs_session_init+0x1dd/0x1680
[ 1387.667239]  ? lock_release+0x680/0x680
[ 1387.667887]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1387.668694]  ? v9fs_show_options+0x690/0x690
[ 1387.669405]  ? trace_hardirqs_on+0x5b/0x180
[ 1387.670087]  ? kasan_unpoison_shadow+0x33/0x50
[ 1387.670813]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1387.671604]  v9fs_mount+0x79/0x8f0
[ 1387.672194]  ? v9fs_write_inode+0x60/0x60
[ 1387.672871]  legacy_get_tree+0x105/0x220
[ 1387.673521]  vfs_get_tree+0x8e/0x300
[ 1387.674120]  path_mount+0x1429/0x2120
[ 1387.674735]  ? strncpy_from_user+0x9e/0x470
[ 1387.675422]  ? finish_automount+0xa90/0xa90
[ 1387.676115]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1387.676859]  ? _copy_from_user+0xfb/0x1b0
[ 1387.677530]  __x64_sys_mount+0x282/0x300
[ 1387.678172]  ? copy_mnt_ns+0xa00/0xa00
[ 1387.678788]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1387.679601]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1387.680447]  do_syscall_64+0x33/0x40
[ 1387.681042]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1387.681864] RIP: 0033:0x7fd019574b19
[ 1387.682464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1387.685435] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1387.686656] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1387.687789] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1387.688921] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1387.690052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1387.691181] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:26:47 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 58)

08:26:47 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000001000000180000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:26:47 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8cffffff00000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:47 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x6c00000000000000, 0x0, &(0x7f0000000180))

08:26:47 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x0, 0x2, "77004a6efdff0000070008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
fchdir(r0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0x8}}, './file0\x00'})
readahead(r2, 0x965e, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000040)={'vlan0\x00'})

08:26:47 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97fc, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:26:47 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x6c000000, 0x0, &(0x7f0000000180))

08:26:47 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1399.977982] FAULT_INJECTION: forcing a failure.
[ 1399.977982] name failslab, interval 1, probability 0, space 0, times 0
[ 1399.980440] CPU: 0 PID: 18337 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1399.981905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1399.983699] Call Trace:
[ 1399.984279]  dump_stack+0x107/0x167
[ 1399.985073]  should_fail.cold+0x5/0xa
[ 1399.985897]  ? create_object.isra.0+0x3a/0xa20
[ 1399.986886]  should_failslab+0x5/0x20
[ 1399.987710]  kmem_cache_alloc+0x5b/0x310
[ 1399.988594]  ? mark_held_locks+0x9e/0xe0
[ 1399.989479]  create_object.isra.0+0x3a/0xa20
[ 1399.990440]  kmemleak_alloc_percpu+0xa0/0x100
[ 1399.991413]  pcpu_alloc+0x4e2/0x1240
[ 1399.992247]  __kmem_cache_create+0x35a/0x520
[ 1399.993207]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1399.994294]  p9_client_create+0xc6a/0x1230
[ 1399.995217]  ? p9_client_flush+0x430/0x430
[ 1399.996140]  ? trace_hardirqs_on+0x5b/0x180
[ 1399.997076]  ? lockdep_init_map_type+0x2c7/0x780
[ 1399.998100]  ? __raw_spin_lock_init+0x36/0x110
[ 1399.999090]  v9fs_session_init+0x1dd/0x1680
[ 1400.000026]  ? lock_release+0x680/0x680
[ 1400.000906]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1400.001950]  ? v9fs_show_options+0x690/0x690
[ 1400.002904]  ? trace_hardirqs_on+0x5b/0x180
[ 1400.003833]  ? kasan_unpoison_shadow+0x33/0x50
[ 1400.004829]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1400.005932]  v9fs_mount+0x79/0x8f0
[ 1400.006696]  ? v9fs_write_inode+0x60/0x60
[ 1400.007596]  legacy_get_tree+0x105/0x220
[ 1400.008484]  vfs_get_tree+0x8e/0x300
[ 1400.009286]  path_mount+0x1429/0x2120
[ 1400.010113]  ? strncpy_from_user+0x9e/0x470
[ 1400.011039]  ? finish_automount+0xa90/0xa90
[ 1400.011969]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1400.012983]  ? _copy_from_user+0xfb/0x1b0
[ 1400.013885]  __x64_sys_mount+0x282/0x300
[ 1400.014771]  ? copy_mnt_ns+0xa00/0xa00
[ 1400.015626]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1400.016782]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1400.017917]  do_syscall_64+0x33/0x40
[ 1400.018736]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1400.019856] RIP: 0033:0x7fd019574b19
[ 1400.020675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1400.024694] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1400.026350] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1400.027897] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1400.029459] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1400.031018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1400.032583] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1400.047046] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=18334 comm=syz-executor.0
08:27:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x74000000, 0x0, &(0x7f0000000180))

08:27:03 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7400000000000000, 0x0, &(0x7f0000000180))

08:27:03 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0xf6ffffff00000000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:27:03 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x2, 0x2, 0x0, 0x5, 0x2, "8e914e8594dc39000800260800"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

08:27:03 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:27:03 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 59)

08:27:03 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97fd, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:27:03 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

[ 1416.504753] FAULT_INJECTION: forcing a failure.
[ 1416.504753] name failslab, interval 1, probability 0, space 0, times 0
[ 1416.507277] CPU: 1 PID: 18583 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1416.508759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1416.509802] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=18577 comm=syz-executor.0
[ 1416.510505] Call Trace:
[ 1416.510531]  dump_stack+0x107/0x167
[ 1416.510552]  should_fail.cold+0x5/0xa
[ 1416.510579]  should_failslab+0x5/0x20
[ 1416.510598]  __kmalloc_track_caller+0x79/0x370
[ 1416.510617]  ? kstrdup_const+0x53/0x80
[ 1416.510642]  kstrdup+0x36/0x70
[ 1416.510662]  kstrdup_const+0x53/0x80
[ 1416.510690]  kvasprintf_const+0x10c/0x1a0
[ 1416.520156]  kobject_set_name_vargs+0x56/0x150
[ 1416.521129]  kobject_init_and_add+0xc9/0x160
[ 1416.522063]  ? kobject_create_and_add+0xb0/0xb0
[ 1416.523055]  ? wait_for_completion_io+0x270/0x270
[ 1416.524085]  ? kernfs_name_hash+0xe7/0x110
[ 1416.524996]  ? kernfs_find_ns+0x256/0x380
[ 1416.525881]  sysfs_slab_add+0x172/0x200
[ 1416.526720]  __kmem_cache_create+0x3db/0x520
[ 1416.527661]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1416.528734]  p9_client_create+0xc6a/0x1230
[ 1416.529642]  ? p9_client_flush+0x430/0x430
[ 1416.530529]  ? trace_hardirqs_on+0x5b/0x180
[ 1416.531449]  ? lockdep_init_map_type+0x2c7/0x780
[ 1416.532488]  ? __raw_spin_lock_init+0x36/0x110
[ 1416.533466]  v9fs_session_init+0x1dd/0x1680
[ 1416.534387]  ? lock_release+0x680/0x680
[ 1416.535240]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1416.536266]  ? v9fs_show_options+0x690/0x690
[ 1416.537197]  ? trace_hardirqs_on+0x5b/0x180
[ 1416.538108]  ? kasan_unpoison_shadow+0x33/0x50
[ 1416.539070]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1416.540141]  v9fs_mount+0x79/0x8f0
[ 1416.540893]  ? v9fs_write_inode+0x60/0x60
[ 1416.541769]  legacy_get_tree+0x105/0x220
[ 1416.542635]  vfs_get_tree+0x8e/0x300
[ 1416.543417]  path_mount+0x1429/0x2120
[ 1416.544228]  ? strncpy_from_user+0x9e/0x470
[ 1416.545158]  ? finish_automount+0xa90/0xa90
[ 1416.546068]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1416.547042]  ? _copy_from_user+0xfb/0x1b0
[ 1416.547929]  __x64_sys_mount+0x282/0x300
[ 1416.548823]  ? copy_mnt_ns+0xa00/0xa00
[ 1416.549656]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1416.550764]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1416.551845]  do_syscall_64+0x33/0x40
[ 1416.552642]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1416.553725] RIP: 0033:0x7fd019574b19
[ 1416.554513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1416.558381] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1416.559990] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1416.561518] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1416.563029] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1416.564553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1416.566055] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1416.567645] kobject: can not set name properly!
[ 1416.568736] kmem_cache_create(9p-fcall-cache-126) failed with error -12
[ 1416.570216] CPU: 1 PID: 18583 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1416.571698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1416.573479] Call Trace:
[ 1416.574037]  dump_stack+0x107/0x167
[ 1416.574808]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1416.575929]  p9_client_create+0xc6a/0x1230
[ 1416.576842]  ? p9_client_flush+0x430/0x430
[ 1416.577738]  ? trace_hardirqs_on+0x5b/0x180
[ 1416.578643]  ? lockdep_init_map_type+0x2c7/0x780
[ 1416.579645]  ? __raw_spin_lock_init+0x36/0x110
[ 1416.580617]  v9fs_session_init+0x1dd/0x1680
[ 1416.581522]  ? lock_release+0x680/0x680
[ 1416.582363]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1416.583416]  ? v9fs_show_options+0x690/0x690
[ 1416.584394]  ? trace_hardirqs_on+0x5b/0x180
[ 1416.585299]  ? kasan_unpoison_shadow+0x33/0x50
[ 1416.586253]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1416.587352]  v9fs_mount+0x79/0x8f0
[ 1416.588127]  ? v9fs_write_inode+0x60/0x60
[ 1416.589004]  legacy_get_tree+0x105/0x220
[ 1416.589860]  vfs_get_tree+0x8e/0x300
[ 1416.590643]  path_mount+0x1429/0x2120
[ 1416.591481]  ? strncpy_from_user+0x9e/0x470
[ 1416.592421]  ? finish_automount+0xa90/0xa90
[ 1416.593324]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1416.594297]  ? _copy_from_user+0xfb/0x1b0
[ 1416.595205]  __x64_sys_mount+0x282/0x300
[ 1416.596085]  ? copy_mnt_ns+0xa00/0xa00
[ 1416.596948]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1416.598060]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1416.599176]  do_syscall_64+0x33/0x40
[ 1416.599999]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1416.601083] RIP: 0033:0x7fd019574b19
[ 1416.601863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1416.605832] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1416.607479] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1416.609033] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1416.610547] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1416.612052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1416.613567] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
08:27:03 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x7a000000, 0x0, &(0x7f0000000180))

08:27:03 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x7a00000000000000, 0x0, &(0x7f0000000180))

08:27:03 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:27:03 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1416.717281] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=18790 comm=syz-executor.0
08:27:04 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x80040000, 0x0, &(0x7f0000000180))

08:27:04 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0xa}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:27:04 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97fe, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:27:04 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000140)=r3)
ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000040)={'veth0_to_bond\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000180)={'netpci0\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xa4048, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[], 0xfdef)
fallocate(r4, 0x3, 0x4077, 0x8000)
futimesat(r4, &(0x7f0000000000)='./file1\x00', &(0x7f00000000c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101980, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
openat(r5, &(0x7f0000000040)='./file0\x00', 0x280, 0x26)

[ 1416.842570] 9pnet: Insufficient options for proto=fd
08:27:04 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 60)

08:27:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:27:04 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:27:04 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0x8cffffff, 0x0, &(0x7f0000000180))

08:27:04 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x8004000000000000, 0x0, &(0x7f0000000180))

08:27:04 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
lseek(r2, 0x0, 0x4)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000080))
close(r1)
ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'ip6tnl0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$VT_ACTIVATE(r4, 0x5606, 0x6)
syz_io_uring_setup(0xcb1, &(0x7f0000000240)={0x0, 0xdafb, 0x8, 0x2, 0x1e3, 0x0, r5}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000100), &(0x7f00000002c0))
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x13, r4, 0xd4e93000)
ioctl$BTRFS_IOC_QGROUP_CREATE(r3, 0x4010942a, &(0x7f0000000180)={0x0, 0x3})

[ 1417.007358] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=18947 comm=syz-executor.0
08:27:04 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x22}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1417.101717] FAULT_INJECTION: forcing a failure.
[ 1417.101717] name failslab, interval 1, probability 0, space 0, times 0
[ 1417.104229] CPU: 0 PID: 19027 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1417.105723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1417.107490] Call Trace:
[ 1417.108052]  dump_stack+0x107/0x167
[ 1417.108840]  should_fail.cold+0x5/0xa
[ 1417.109652]  ? create_object.isra.0+0x3a/0xa20
[ 1417.110632]  should_failslab+0x5/0x20
[ 1417.111445]  kmem_cache_alloc+0x5b/0x310
[ 1417.112319]  ? lock_release+0x680/0x680
[ 1417.113165]  create_object.isra.0+0x3a/0xa20
[ 1417.114102]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1417.115184]  __kmalloc_track_caller+0x177/0x370
[ 1417.116176]  ? kstrdup_const+0x53/0x80
[ 1417.117027]  kstrdup+0x36/0x70
[ 1417.117712]  kstrdup_const+0x53/0x80
[ 1417.118505]  kvasprintf_const+0x10c/0x1a0
[ 1417.119387]  kobject_set_name_vargs+0x56/0x150
[ 1417.120370]  kobject_init_and_add+0xc9/0x160
[ 1417.121302]  ? kobject_create_and_add+0xb0/0xb0
[ 1417.122290]  ? wait_for_completion_io+0x270/0x270
[ 1417.123312]  ? kernfs_name_hash+0xe7/0x110
[ 1417.124214]  ? kernfs_find_ns+0x256/0x380
[ 1417.125117]  sysfs_slab_add+0x172/0x200
[ 1417.125965]  __kmem_cache_create+0x3db/0x520
[ 1417.126398] audit: type=1400 audit(1742286424.405:20): avc:  denied  { map } for  pid=19021 comm="syz-executor.3" path="pipe:[32314]" dev="pipefs" ino=32314 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1
[ 1417.126911]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1417.132623]  p9_client_create+0xc6a/0x1230
[ 1417.133532]  ? p9_client_flush+0x430/0x430
[ 1417.134429]  ? trace_hardirqs_on+0x5b/0x180
[ 1417.135346]  ? lockdep_init_map_type+0x2c7/0x780
[ 1417.136366]  ? __raw_spin_lock_init+0x36/0x110
[ 1417.137338]  v9fs_session_init+0x1dd/0x1680
[ 1417.138256]  ? lock_release+0x680/0x680
[ 1417.139111]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1417.140133]  ? v9fs_show_options+0x690/0x690
[ 1417.141081]  ? trace_hardirqs_on+0x5b/0x180
[ 1417.141995]  ? kasan_unpoison_shadow+0x33/0x50
[ 1417.142961]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1417.144035]  v9fs_mount+0x79/0x8f0
[ 1417.144795]  ? v9fs_write_inode+0x60/0x60
[ 1417.145679]  legacy_get_tree+0x105/0x220
[ 1417.146545]  vfs_get_tree+0x8e/0x300
[ 1417.147333]  path_mount+0x1429/0x2120
[ 1417.148149]  ? strncpy_from_user+0x9e/0x470
[ 1417.149075]  ? finish_automount+0xa90/0xa90
[ 1417.149989]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1417.150973]  ? _copy_from_user+0xfb/0x1b0
[ 1417.151859]  __x64_sys_mount+0x282/0x300
[ 1417.152723]  ? copy_mnt_ns+0xa00/0xa00
[ 1417.153557]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1417.154666]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1417.155766]  do_syscall_64+0x33/0x40
[ 1417.156560]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1417.157643] RIP: 0033:0x7fd019574b19
[ 1417.158431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1417.162318] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1417.163931] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1417.165445] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1417.167063] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1417.168617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1417.170161] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1417.226634] 9pnet: Insufficient options for proto=fd
08:27:22 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x100000000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x25}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

08:27:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 61)

08:27:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x46e2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0xb65, @mcast2, 0xfffffffc}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r2, @ANYBLOB="00000000000004002e2f66696c653100"])
r4 = fsopen(&(0x7f00000000c0)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000080)='mand\x00', &(0x7f00000003c0)='-\xfcx{\xe6\xac\xc8\xdf\x8e;\xb4Wy\xbea\xac2@\xa7\\\x98\x1f\x9d\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1423ac00210000092cbd686b46f6470cb3a2ec0c77468efe5886d81b6ba804cdb4a5fbdb7875fba8d15b5ac6e68a732725035c47bb9f6eef0108f479e52f05e3aedb7819b38664d3be6ad16bdb1f05e6d3df1bc5d13400df3c6dd4c59b12065a606dccd7473488d708f59a463567236abda1ddf0894ab552bdf48f0a1ce5690e842544456d6eb93796473b53c5e4780ad41e8491cc6d88904fbae51e91a2e0"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x20040000)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x180201000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=ANY=[@ANYBLOB="c8f3ea0e5079f59edd6532fe86dbe0ccafab38b9", @ANYRES16=0x0, @ANYBLOB="eb012722d415fd0aa6cf00fedbdf250f400000050037000100000008003c000600000008003c000000000008371f000700"], 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x240049c1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000100)={0x0, {}, 0x0, {}, 0x6, 0xa, 0x1c, 0x15, "d025367b0ecd9b14797556f34b755278c289f4c13452d5fa0e889e40b9e9562e133286ff11bc72549034b7913ecd1ba00441b5850fe15516f24c52d4427f5387", "933db4f235b758cc5e6026b81b5192e238d363e2ff876c7ead01fd31849c6499", [0x4, 0x2]})

08:27:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xf0020000, 0x0, &(0x7f0000000180))

08:27:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, 0x0, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:27:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0x8cffffff00000000, 0x0, &(0x7f0000000180))

08:27:22 executing program 3:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
lseek(r0, 0x0, 0x4)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000000)={0x10000104, 0x9, 0x0, 0x0, 0x0, "77004a6efdff00000000080300"})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

08:27:22 executing program 7:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97ff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}})

[ 1435.417439] 9pnet: Insufficient options for proto=fd
[ 1435.424877] FAULT_INJECTION: forcing a failure.
[ 1435.424877] name failslab, interval 1, probability 0, space 0, times 0
[ 1435.428026] CPU: 0 PID: 19155 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1435.429544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1435.431491] Call Trace:
[ 1435.432120]  dump_stack+0x107/0x167
[ 1435.432940]  should_fail.cold+0x5/0xa
[ 1435.433781]  should_failslab+0x5/0x20
[ 1435.434615]  __kmalloc_track_caller+0x79/0x370
[ 1435.435606]  ? kstrdup_const+0x53/0x80
[ 1435.436454]  kstrdup+0x36/0x70
[ 1435.437187]  kstrdup_const+0x53/0x80
[ 1435.438006]  __kernfs_new_node+0x9d/0x860
[ 1435.438920]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1435.439962]  ? lock_acquire+0x197/0x470
[ 1435.440844]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1435.441980]  ? lock_release+0x680/0x680
[ 1435.442850]  ? find_held_lock+0x2c/0x110
[ 1435.443730]  kernfs_new_node+0x18d/0x250
[ 1435.444632]  kernfs_create_dir_ns+0x49/0x160
[ 1435.445605]  sysfs_create_dir_ns+0x127/0x290
[ 1435.446551]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1435.447603]  ? rwlock_bug.part.0+0x90/0x90
[ 1435.448545]  ? do_raw_spin_unlock+0x4f/0x220
[ 1435.449498]  kobject_add_internal+0x25e/0xa30
08:27:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xfeffffff, 0x0, &(0x7f0000000180))

[ 1435.450487]  kobject_init_and_add+0x101/0x160
[ 1435.451593]  ? kobject_create_and_add+0xb0/0xb0
08:27:22 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0xffff})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1435.452613]  ? wait_for_completion_io+0x270/0x270
[ 1435.453726]  ? kernfs_name_hash+0xe7/0x110
[ 1435.454665]  ? kernfs_find_ns+0x256/0x380
[ 1435.455579]  sysfs_slab_add+0x172/0x200
[ 1435.456478]  __kmem_cache_create+0x3db/0x520
[ 1435.457442]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1435.458534]  p9_client_create+0xc6a/0x1230
[ 1435.459471]  ? p9_client_flush+0x430/0x430
[ 1435.460396]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.461349]  ? lockdep_init_map_type+0x2c7/0x780
[ 1435.462378]  ? __raw_spin_lock_init+0x36/0x110
[ 1435.463377]  v9fs_session_init+0x1dd/0x1680
[ 1435.464314]  ? lock_release+0x680/0x680
[ 1435.465206]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1435.466249]  ? v9fs_show_options+0x690/0x690
[ 1435.467203]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.468149]  ? kasan_unpoison_shadow+0x33/0x50
[ 1435.469159]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1435.470262]  v9fs_mount+0x79/0x8f0
[ 1435.471035]  ? v9fs_write_inode+0x60/0x60
[ 1435.471947]  legacy_get_tree+0x105/0x220
[ 1435.472860]  vfs_get_tree+0x8e/0x300
[ 1435.473663]  path_mount+0x1429/0x2120
[ 1435.474502]  ? strncpy_from_user+0x9e/0x470
[ 1435.475433]  ? finish_automount+0xa90/0xa90
[ 1435.476375]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1435.477407]  ? _copy_from_user+0xfb/0x1b0
[ 1435.478319]  __x64_sys_mount+0x282/0x300
[ 1435.479202]  ? copy_mnt_ns+0xa00/0xa00
[ 1435.480059]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1435.481207]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1435.482329]  do_syscall_64+0x33/0x40
[ 1435.483145]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1435.484248] RIP: 0033:0x7fd019574b19
[ 1435.485067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1435.489164] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1435.491148] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1435.492732] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1435.494264] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1435.495777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1435.497290] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1435.499051] kobject_add_internal failed for 9p-fcall-cache-128 (error: -12 parent: slab)
[ 1435.500921] kmem_cache_create(9p-fcall-cache-128) failed with error -12
[ 1435.502380] CPU: 0 PID: 19155 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1435.503861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1435.505641] Call Trace:
[ 1435.506191]  dump_stack+0x107/0x167
[ 1435.506978]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1435.508097]  p9_client_create+0xc6a/0x1230
[ 1435.509026]  ? p9_client_flush+0x430/0x430
[ 1435.509921]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.510831]  ? lockdep_init_map_type+0x2c7/0x780
[ 1435.511831]  ? __raw_spin_lock_init+0x36/0x110
[ 1435.512811]  v9fs_session_init+0x1dd/0x1680
[ 1435.513727]  ? lock_release+0x680/0x680
[ 1435.514575]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1435.515596]  ? v9fs_show_options+0x690/0x690
[ 1435.516536]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.517454]  ? kasan_unpoison_shadow+0x33/0x50
[ 1435.518421]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1435.519496]  v9fs_mount+0x79/0x8f0
[ 1435.520240]  ? v9fs_write_inode+0x60/0x60
[ 1435.521130]  legacy_get_tree+0x105/0x220
[ 1435.521991]  vfs_get_tree+0x8e/0x300
[ 1435.522777]  path_mount+0x1429/0x2120
[ 1435.523584]  ? strncpy_from_user+0x9e/0x470
[ 1435.524499]  ? finish_automount+0xa90/0xa90
[ 1435.525420]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1435.526411]  ? _copy_from_user+0xfb/0x1b0
[ 1435.527296]  __x64_sys_mount+0x282/0x300
[ 1435.528155]  ? copy_mnt_ns+0xa00/0xa00
[ 1435.529004]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1435.530125]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1435.531221]  do_syscall_64+0x33/0x40
[ 1435.532014]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1435.533121] RIP: 0033:0x7fd019574b19
[ 1435.533905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1435.537808] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1435.539437] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1435.540971] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1435.542492] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1435.544018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1435.545544] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1435.559205] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=19148 comm=syz-executor.0
08:27:22 executing program 6:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x2, 0xf002000000000000, 0x0, &(0x7f0000000180))

08:27:22 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xfffffffffffffffc, 0x0}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(0x0, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:27:22 executing program 5:
clone3(&(0x7f00000001c0)={0x90040180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socketpair(0x0, 0xffffff8c, 0x0, &(0x7f0000000180))

08:27:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x294bb43f}}]}}) (fail_nth: 62)

[ 1435.770374] FAULT_INJECTION: forcing a failure.
[ 1435.770374] name failslab, interval 1, probability 0, space 0, times 0
[ 1435.772848] CPU: 0 PID: 19389 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 1435.774315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1435.776095] Call Trace:
[ 1435.776669]  dump_stack+0x107/0x167
[ 1435.777458]  should_fail.cold+0x5/0xa
[ 1435.778271]  ? create_object.isra.0+0x3a/0xa20
[ 1435.779247]  should_failslab+0x5/0x20
[ 1435.780058]  kmem_cache_alloc+0x5b/0x310
[ 1435.780935]  create_object.isra.0+0x3a/0xa20
[ 1435.781868]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1435.782959]  __kmalloc_track_caller+0x177/0x370
[ 1435.783950]  ? kstrdup_const+0x53/0x80
[ 1435.784793]  kstrdup+0x36/0x70
[ 1435.785489]  kstrdup_const+0x53/0x80
[ 1435.786280]  __kernfs_new_node+0x9d/0x860
[ 1435.787175]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1435.788190]  ? lock_acquire+0x197/0x470
[ 1435.789048]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1435.790178]  ? lock_release+0x680/0x680
[ 1435.791022]  ? find_held_lock+0x2c/0x110
[ 1435.791887]  kernfs_new_node+0x18d/0x250
[ 1435.792770]  kernfs_create_dir_ns+0x49/0x160
[ 1435.793716]  sysfs_create_dir_ns+0x127/0x290
[ 1435.794671]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1435.795702]  ? rwlock_bug.part.0+0x90/0x90
[ 1435.796614]  ? do_raw_spin_unlock+0x4f/0x220
[ 1435.797556]  kobject_add_internal+0x25e/0xa30
[ 1435.798532]  kobject_init_and_add+0x101/0x160
[ 1435.799499]  ? kobject_create_and_add+0xb0/0xb0
[ 1435.800502]  ? wait_for_completion_io+0x270/0x270
[ 1435.801532]  ? kernfs_name_hash+0xe7/0x110
[ 1435.802442]  ? kernfs_find_ns+0x256/0x380
[ 1435.803333]  sysfs_slab_add+0x172/0x200
[ 1435.804192]  __kmem_cache_create+0x3db/0x520
[ 1435.805156]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1435.806236]  p9_client_create+0xc6a/0x1230
[ 1435.807148]  ? p9_client_flush+0x430/0x430
[ 1435.808048]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.808988]  ? lockdep_init_map_type+0x2c7/0x780
[ 1435.810011]  ? __raw_spin_lock_init+0x36/0x110
[ 1435.810997]  v9fs_session_init+0x1dd/0x1680
[ 1435.811912]  ? lock_release+0x680/0x680
[ 1435.812786]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1435.813818]  ? v9fs_show_options+0x690/0x690
[ 1435.814764]  ? trace_hardirqs_on+0x5b/0x180
[ 1435.815686]  ? kasan_unpoison_shadow+0x33/0x50
[ 1435.816671]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1435.817747]  v9fs_mount+0x79/0x8f0
[ 1435.818510]  ? v9fs_write_inode+0x60/0x60
[ 1435.819390]  legacy_get_tree+0x105/0x220
[ 1435.820256]  vfs_get_tree+0x8e/0x300
[ 1435.821059]  path_mount+0x1429/0x2120
[ 1435.821874]  ? strncpy_from_user+0x9e/0x470
[ 1435.822792]  ? finish_automount+0xa90/0xa90
[ 1435.823712]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1435.824716]  ? _copy_from_user+0xfb/0x1b0
[ 1435.825607]  __x64_sys_mount+0x282/0x300
[ 1435.826467]  ? copy_mnt_ns+0xa00/0xa00
[ 1435.827308]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1435.828423]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1435.829541]  do_syscall_64+0x33/0x40
[ 1435.830342]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1435.831435] RIP: 0033:0x7fd019574b19
[ 1435.832228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1435.836185] RSP: 002b:00007fd016aea188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1435.837811] RAX: ffffffffffffffda RBX: 00007fd019687f60 RCX: 00007fd019574b19
[ 1435.839335] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 0000000000000000
[ 1435.840853] RBP: 00007fd016aea1d0 R08: 0000000020000100 R09: 0000000000000000
[ 1435.842397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1435.843930] R13: 00007ffcadd8638f R14: 00007fd016aea300 R15: 0000000000022000
[ 1448.953053] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff88800b9b9540 (size 32):
  comm "syz-executor.1", pid 19155, jiffies 4296102440 (age 21.861s)
  hex dump (first 32 bytes):
    39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 31  9p-fcall-cache-1
    32 38 00 0b 80 88 ff ff 19 00 00 00 00 00 00 00  28..............
  backtrace:
    [<000000007fbf133b>] kstrdup+0x36/0x70
    [<00000000a3fc0a75>] kstrdup_const+0x53/0x80
    [<0000000070456c91>] kvasprintf_const+0x10c/0x1a0
    [<00000000a292ef82>] kobject_set_name_vargs+0x56/0x150
    [<000000007eb81ad6>] kobject_init_and_add+0xc9/0x160
    [<00000000793f857f>] sysfs_slab_add+0x172/0x200
    [<00000000c8e29548>] __kmem_cache_create+0x3db/0x520
    [<00000000621e6633>] kmem_cache_create_usercopy+0x1db/0x2f0
    [<00000000263ae98d>] p9_client_create+0xc6a/0x1230
    [<00000000e251a192>] v9fs_session_init+0x1dd/0x1680
    [<0000000090305803>] v9fs_mount+0x79/0x8f0
    [<0000000038b6a661>] legacy_get_tree+0x105/0x220
    [<00000000e9a53587>] vfs_get_tree+0x8e/0x300
    [<00000000649681b8>] path_mount+0x1429/0x2120
    [<00000000f7aac3a5>] __x64_sys_mount+0x282/0x300
    [<00000000d91f5471>] do_syscall_64+0x33/0x40

BUG: leak checking failed

VM DIAGNOSIS:
08:27:45  Registers:
info registers vcpu 0
RAX=ffffffff83e8ce00 RBX=0000000000000000 RCX=ffffffff83e749ac RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e8d408 RBP=0000000000000000 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85678e48 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e8ce0e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffc4a1f9a10 CR3=000000000d5ca000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000413a774800000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff83e8ce00 RBX=0000000000000001 RCX=ffffffff83e749ac RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e8d408 RBP=0000000000000001 RSP=ffff888008987e70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85678e48 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e8ce0e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0a5d7d1020 CR3=0000000016f1e000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=3a29323320657a697328203034353962 XMM03=393120646970202c22312e726f747563
XMM04=6c6c6163662d70392020313320643220 XMM05=32206336206336203136203336203636
XMM06=73657479622032332074737269662820 XMM07=2e313220656761282030343432303136
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000