_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:31:25 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  779.312299] 9pnet: Insufficient options for proto=fd
20:31:25 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xf00, {0xa}}, 0x14}}, 0x0)

20:31:25 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:25 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:25 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:25 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  779.489051] 9pnet: Insufficient options for proto=fd
20:31:38 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:38 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:31:38 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:38 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:38 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:38 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x7400, {0xa}}, 0x14}}, 0x0)

20:31:38 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[  792.349793] 9pnet: Insufficient options for proto=fd
20:31:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:39 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:31:51 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xf000, {0xa}}, 0x14}}, 0x0)

20:31:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x80000, {0xa}}, 0x14}}, 0x0)

20:31:51 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xf0ffff, {0xa}}, 0x14}}, 0x0)

20:31:51 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:31:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x1000000, {0xa}}, 0x14}}, 0x0)

20:31:51 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:31:51 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x2000000, {0xa}}, 0x14}}, 0x0)

20:31:51 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:31:51 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0)

20:32:05 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:32:05 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:05 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:05 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0)

20:32:05 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:05 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:05 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xf000000, {0xa}}, 0x14}}, 0x0)

20:32:05 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0)

20:32:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x74000000, {0xa}}, 0x14}}, 0x0)

20:32:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:06 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:06 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}]}})

[  819.660957] 9pnet: Insufficient options for proto=fd
20:32:19 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:19 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:19 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x9effffff, {0xa}}, 0x14}}, 0x0)

20:32:19 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:32:19 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}]}})

20:32:19 executing program 2:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[  832.983300] 9pnet: Insufficient options for proto=fd
20:32:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xf0ffffff, {0xa}}, 0x14}}, 0x0)

[  833.076595] 9pnet: Insufficient options for proto=fd
20:32:33 executing program 2:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:32:33 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[  847.093594] 9pnet: Insufficient options for proto=fd
20:32:33 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:32:33 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:33 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:33 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:33 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:33 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xfffff000, {0xa}}, 0x14}}, 0x0)

20:32:33 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:32:33 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xffffff7f, {0xa}}, 0x14}}, 0x0)

20:32:33 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[  847.245348] 9pnet: Insufficient options for proto=fd
20:32:33 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:32:33 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:33 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:33 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:33 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[  847.364345] 9pnet: Insufficient options for proto=fd
20:32:33 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize}]}})

20:32:33 executing program 2:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:32:33 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xffffff9e, {0xa}}, 0x14}}, 0x0)

20:32:34 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:46 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:46 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:46 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:32:46 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:32:46 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:47 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize}]}})

20:32:47 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize}]}})

20:32:47 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xfffffff0, {0xa}}, 0x14}}, 0x0)

20:32:47 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

[  860.492385] 9pnet: Insufficient options for proto=fd
20:32:47 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0xffffffff, {0xa}}, 0x14}}, 0x0)

20:32:47 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:32:47 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  860.576028] 9pnet: Insufficient options for proto=fd
20:33:03 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:03 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0x18}}, 0x14}}, 0x0)

20:33:03 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:03 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:03 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[  876.820438] 9pnet: Insufficient options for proto=fd
20:33:03 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize}]}})

20:33:03 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

20:33:03 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize}]}})

20:33:03 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:03 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:03 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x2}}, 0x14}}, 0x0)

20:33:03 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:03 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize}]}})

20:33:03 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:03 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:16 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:16 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:16 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:16 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:16 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:16 executing program 1:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0xf}}, 0x14}}, 0x0)

20:33:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x74}}, 0x14}}, 0x0)

[  889.692991] 9pnet: Insufficient options for proto=fd
20:33:16 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0xf}}, 0x14}}, 0x0)

20:33:16 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

20:33:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[  889.841491] 9pnet: Insufficient options for proto=fd
20:33:29 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x2}}, 0x14}}, 0x0)

20:33:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:29 executing program 2:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@msize}]}})

20:33:29 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:29 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:29 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@msize}]}})

[  902.847954] 9pnet: Insufficient options for proto=fd
20:33:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}}, 0x0)

20:33:29 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:33:29 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

[  902.936504] 9pnet: Insufficient options for proto=fd
20:33:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0xf}}, 0x14}}, 0x0)

[  902.969184] 9pnet: Insufficient options for proto=fd
20:33:29 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@msize}]}})

[  903.031742] 9pnet: Insufficient options for proto=fd
20:33:43 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:33:43 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:43 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:43 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x74}}, 0x14}}, 0x0)

20:33:43 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:33:43 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:43 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  917.014151] 9pnet: Insufficient options for proto=fd
[  917.022154] 9pnet: Insufficient options for proto=fd
20:33:43 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@msize}]}})

20:33:43 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0xf0}}, 0x14}}, 0x0)

20:33:59 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@msize}]}})

20:33:59 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:33:59 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}]}})

20:33:59 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:59 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0xf00}}, 0x14}}, 0x0)

20:33:59 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}]}})

20:33:59 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  932.820983] 9pnet: Insufficient options for proto=fd
20:33:59 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@msize}]}})

20:33:59 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x7400}}, 0x14}}, 0x0)

20:33:59 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(0x0, 0x0)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:33:59 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:59 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(0x0, 0x0)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0xf000}}, 0x14}}, 0x0)

[  933.139798] 9pnet: Insufficient options for proto=fd
20:33:59 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:33:59 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@msize}]}})

20:33:59 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:33:59 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0xffff}}, 0x14}}, 0x0)

20:34:15 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:15 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@msize}]}})

20:34:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0xf}}, 0x0)

20:34:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:15 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:15 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:15 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r1 = dup(r0)
stat(0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000300)='system.posix_acl_access\x00', &(0x7f0000000640)={{}, {0x1, 0x2}, [{0x2, 0x5}, {0x2, 0x2, r2}, {0x2, 0x2}, {0x2, 0x7}, {0x2, 0x4}, {0x2, 0x2}, {}, {0x2, 0x4}, {0x2, 0x3}], {0x4, 0x2}, [{0x8, 0x2}], {0x10, 0x5}, {0x20, 0x3}}, 0x74, 0x3)

20:34:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@msize}]}})

20:34:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x10}}, 0x0)

20:34:15 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:29 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:34:29 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x19}}, 0x0)

20:34:29 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:29 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:29 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:29 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  963.246198] 9pnet: Insufficient options for proto=fd
20:34:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:34:29 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x0, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[  963.327679] 9pnet: Insufficient options for proto=fd
20:34:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x1b}}, 0x0)

20:34:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[  963.414325] 9pnet: Insufficient options for proto=fd
20:34:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0xc0}}, 0x0)

20:34:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:34:30 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:30 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x0, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:30 executing program 2:
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:30 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:30 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0xec0}}, 0x0)

[  963.532981] 9pnet: Insufficient options for proto=fd
20:34:42 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:34:42 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x0, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:42 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r0, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r1, 0x5450)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:42 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 2:
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x33fe0}}, 0x0)

[  975.641986] 9pnet: Insufficient options for proto=fd
20:34:42 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x20000114}}, 0x0)

20:34:42 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:34:42 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:42 executing program 2:
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 5:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r0, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r1, 0x5450)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(0xffffffffffffffff, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:42 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x7ffff000}}, 0x0)

[  975.876099] 9pnet: Insufficient options for proto=fd
20:34:42 executing program 1:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0xfffffdef}}, 0x0)

20:34:42 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:42 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:42 executing program 5:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 5:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:57 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
write$P9_RREADLINK(r0, &(0x7f0000000280)={0x10, 0x17, 0x4009, {0x7, './file1'}}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x2}, 0x0)

20:34:57 executing program 2:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:57 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:57 executing program 1:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
syz_io_uring_setup(0x4bc4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[  991.310063] 9pnet: Insufficient options for proto=fd
20:34:57 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x8}, 0x0)

20:34:57 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:57 executing program 2:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
write$P9_RREADLINK(r0, &(0x7f0000000280)={0x10, 0x17, 0x4009, {0x7, './file1'}}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:34:57 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:34:58 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 1)

20:34:58 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x3d}, 0x0)

[  991.492480] FAULT_INJECTION: forcing a failure.
[  991.492480] name failslab, interval 1, probability 0, space 0, times 0
[  991.494323] CPU: 0 PID: 8341 Comm: syz-executor.1 Not tainted 5.10.245 #1
[  991.495354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  991.496625] Call Trace:
[  991.497028]  dump_stack+0x107/0x167
[  991.497571]  should_fail.cold+0x5/0xa
[  991.498141]  should_failslab+0x5/0x20
[  991.498715]  __kmalloc_track_caller+0x79/0x370
[  991.499404]  ? strndup_user+0x74/0xe0
[  991.499983]  memdup_user+0x22/0xd0
[  991.500519]  strndup_user+0x74/0xe0
[  991.501067]  __x64_sys_mount+0x133/0x300
[  991.501674]  ? copy_mnt_ns+0xa00/0xa00
[  991.502263]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  991.503076]  ? syscall_enter_from_user_mode+0x1d/0x50
[  991.503876]  do_syscall_64+0x33/0x40
[  991.504437]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  991.505197] RIP: 0033:0x7f2fae613b19
[  991.505753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  991.508508] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  991.509650] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[  991.510709] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[  991.511789] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[  991.512843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  991.513911] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:35:12 executing program 2:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x300}, 0x0)

20:35:12 executing program 0:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
write$P9_RREADLINK(r0, &(0x7f0000000280)={0x10, 0x17, 0x4009, {0x7, './file1'}}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:12 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 1)

20:35:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 1)

20:35:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 1)

20:35:12 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 2)

20:35:12 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x2}, 0x0)

[ 1005.676212] FAULT_INJECTION: forcing a failure.
[ 1005.676212] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.678809] CPU: 0 PID: 8362 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1005.680353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.682225] Call Trace:
[ 1005.682806]  dump_stack+0x107/0x167
[ 1005.683601]  should_fail.cold+0x5/0xa
[ 1005.684453]  ? create_object.isra.0+0x3a/0xa30
[ 1005.685487]  should_failslab+0x5/0x20
[ 1005.686343]  kmem_cache_alloc+0x5b/0x310
[ 1005.687251]  create_object.isra.0+0x3a/0xa30
[ 1005.688236]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1005.689359]  __kmalloc_track_caller+0x177/0x370
[ 1005.690395]  ? strndup_user+0x74/0xe0
[ 1005.691286]  memdup_user+0x22/0xd0
[ 1005.692089]  strndup_user+0x74/0xe0
[ 1005.692895]  __x64_sys_mount+0x133/0x300
[ 1005.693779]  ? copy_mnt_ns+0xa00/0xa00
20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x8}, 0x0)

[ 1005.694650]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.695998]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.697147]  do_syscall_64+0x33/0x40
[ 1005.697980]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.699116] RIP: 0033:0x7f2fae613b19
[ 1005.699968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1005.704034] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1005.705722] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1005.707310] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1005.708909] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1005.710472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.712087] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1005.733179] FAULT_INJECTION: forcing a failure.
[ 1005.733179] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.734610] CPU: 1 PID: 8394 Comm: syz-executor.5 Not tainted 5.10.245 #1
[ 1005.735389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.736355] Call Trace:
[ 1005.736668]  dump_stack+0x107/0x167
[ 1005.737092]  should_fail.cold+0x5/0xa
[ 1005.737538]  should_failslab+0x5/0x20
[ 1005.737986]  __kmalloc_track_caller+0x79/0x370
[ 1005.738519]  ? strndup_user+0x74/0xe0
[ 1005.738969]  memdup_user+0x22/0xd0
[ 1005.739377]  strndup_user+0x74/0xe0
[ 1005.739807]  __x64_sys_mount+0x133/0x300
[ 1005.740285]  ? copy_mnt_ns+0xa00/0xa00
[ 1005.740743]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.741354]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.741411] FAULT_INJECTION: forcing a failure.
[ 1005.741411] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.741954]  do_syscall_64+0x33/0x40
[ 1005.741966]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.741983] RIP: 0033:0x7fd5f2a0cb19
[ 1005.745832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1005.747982] RSP: 002b:00007fd5eff82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1005.748865] RAX: ffffffffffffffda RBX: 00007fd5f2b1ff60 RCX: 00007fd5f2a0cb19
[ 1005.749693] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1005.750518] RBP: 00007fd5eff821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1005.751347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.752193] R13: 00007ffcd398848f R14: 00007fd5eff82300 R15: 0000000000022000
[ 1005.753051] CPU: 0 PID: 8399 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1005.754843] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.757027] Call Trace:
[ 1005.757715]  dump_stack+0x107/0x167
[ 1005.758660]  should_fail.cold+0x5/0xa
[ 1005.759656]  should_failslab+0x5/0x20
[ 1005.760662]  __kmalloc_track_caller+0x79/0x370
[ 1005.761834]  ? strndup_user+0x74/0xe0
[ 1005.762827]  memdup_user+0x22/0xd0
[ 1005.763740]  strndup_user+0x74/0xe0
[ 1005.764704]  __x64_sys_mount+0x133/0x300
[ 1005.765756]  ? copy_mnt_ns+0xa00/0xa00
[ 1005.766780]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.768152]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.769502]  do_syscall_64+0x33/0x40
[ 1005.770477]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.771809] RIP: 0033:0x7f9e20d43b19
20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf}, 0x0)

[ 1005.772682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1005.777074] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
20:35:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 1)

[ 1005.778724] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1005.780365] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1005.781922] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1005.783473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.785051] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1005.799088] FAULT_INJECTION: forcing a failure.
[ 1005.799088] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.801581] CPU: 0 PID: 8402 Comm: syz-executor.4 Not tainted 5.10.245 #1
[ 1005.803147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.805048] Call Trace:
[ 1005.805671]  dump_stack+0x107/0x167
[ 1005.806511]  should_fail.cold+0x5/0xa
[ 1005.807396]  should_failslab+0x5/0x20
[ 1005.808287]  __kmalloc_track_caller+0x79/0x370
[ 1005.809334]  ? strndup_user+0x74/0xe0
[ 1005.810208]  memdup_user+0x22/0xd0
[ 1005.811034]  strndup_user+0x74/0xe0
[ 1005.811904]  __x64_sys_mount+0x133/0x300
[ 1005.811966] FAULT_INJECTION: forcing a failure.
[ 1005.811966] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.812859]  ? copy_mnt_ns+0xa00/0xa00
[ 1005.812894]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.816300]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.817486]  do_syscall_64+0x33/0x40
[ 1005.818320]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.819495] RIP: 0033:0x7f78c750cb19
[ 1005.820326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1005.824613] RSP: 002b:00007f78c4a82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1005.826390] RAX: ffffffffffffffda RBX: 00007f78c761ff60 RCX: 00007f78c750cb19
[ 1005.828055] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1005.829705] RBP: 00007f78c4a821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1005.831371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.833035] R13: 00007ffff9b84e2f R14: 00007f78c4a82300 R15: 0000000000022000
[ 1005.834707] CPU: 1 PID: 8487 Comm: syz-executor.0 Not tainted 5.10.245 #1
[ 1005.835509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.836470] Call Trace:
[ 1005.836778]  dump_stack+0x107/0x167
[ 1005.837200]  should_fail.cold+0x5/0xa
[ 1005.837644]  should_failslab+0x5/0x20
[ 1005.838079]  __kmalloc_track_caller+0x79/0x370
[ 1005.838602]  ? strndup_user+0x74/0xe0
[ 1005.839038]  memdup_user+0x22/0xd0
[ 1005.839450]  strndup_user+0x74/0xe0
[ 1005.839869]  __x64_sys_mount+0x133/0x300
[ 1005.840340]  ? copy_mnt_ns+0xa00/0xa00
[ 1005.840796]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.841398]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.841995]  do_syscall_64+0x33/0x40
[ 1005.842422]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.843008] RIP: 0033:0x7fe232629b19
[ 1005.843441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1005.845571] RSP: 002b:00007fe22fb9f188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1005.846462] RAX: ffffffffffffffda RBX: 00007fe23273cf60 RCX: 00007fe232629b19
[ 1005.847274] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1005.848098] RBP: 00007fe22fb9f1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1005.848921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.849750] R13: 00007ffcfb4c3d8f R14: 00007fe22fb9f300 R15: 0000000000022000
20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x74}, 0x0)

20:35:12 executing program 2:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xe76f}}, './file1/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x800008, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:12 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:35:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 2)

20:35:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 2)

[ 1005.984932] FAULT_INJECTION: forcing a failure.
[ 1005.984932] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.986306] CPU: 1 PID: 8500 Comm: syz-executor.5 Not tainted 5.10.245 #1
[ 1005.987096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1005.988066] Call Trace:
[ 1005.988389]  dump_stack+0x107/0x167
[ 1005.988813]  should_fail.cold+0x5/0xa
[ 1005.989253]  ? create_object.isra.0+0x3a/0xa30
[ 1005.989785]  should_failslab+0x5/0x20
[ 1005.990227]  kmem_cache_alloc+0x5b/0x310
[ 1005.990702]  create_object.isra.0+0x3a/0xa30
[ 1005.991206]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1005.991795]  __kmalloc_track_caller+0x177/0x370
[ 1005.992346]  ? strndup_user+0x74/0xe0
[ 1005.992793]  memdup_user+0x22/0xd0
[ 1005.993206]  strndup_user+0x74/0xe0
[ 1005.993636]  __x64_sys_mount+0x133/0x300
[ 1005.994107]  ? copy_mnt_ns+0xa00/0xa00
[ 1005.994566]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1005.995174]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1005.995770]  do_syscall_64+0x33/0x40
[ 1005.996209]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1005.996617] 9pnet: Insufficient options for proto=fd
[ 1005.996799] RIP: 0033:0x7fd5f2a0cb19
[ 1005.996819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.000494] RSP: 002b:00007fd5eff82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.001374] RAX: ffffffffffffffda RBX: 00007fd5f2b1ff60 RCX: 00007fd5f2a0cb19
[ 1006.002203] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1006.003028] RBP: 00007fd5eff821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1006.003851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.004678] R13: 00007ffcd398848f R14: 00007fd5eff82300 R15: 0000000000022000
20:35:12 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 2)

20:35:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf0}, 0x0)

20:35:12 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 1)

[ 1006.024131] FAULT_INJECTION: forcing a failure.
[ 1006.024131] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.026640] CPU: 0 PID: 8503 Comm: syz-executor.4 Not tainted 5.10.245 #1
[ 1006.028138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1006.029932] Call Trace:
[ 1006.030508]  dump_stack+0x107/0x167
[ 1006.031298]  should_fail.cold+0x5/0xa
[ 1006.032134]  ? create_object.isra.0+0x3a/0xa30
[ 1006.033126]  should_failslab+0x5/0x20
[ 1006.033949]  kmem_cache_alloc+0x5b/0x310
[ 1006.034830]  create_object.isra.0+0x3a/0xa30
[ 1006.035778]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1006.036895]  __kmalloc_track_caller+0x177/0x370
[ 1006.037897]  ? strndup_user+0x74/0xe0
[ 1006.038733]  memdup_user+0x22/0xd0
[ 1006.039500]  strndup_user+0x74/0xe0
[ 1006.040304]  __x64_sys_mount+0x133/0x300
[ 1006.041181]  ? copy_mnt_ns+0xa00/0xa00
[ 1006.042031]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1006.043159]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.044117] FAULT_INJECTION: forcing a failure.
[ 1006.044117] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.044281]  do_syscall_64+0x33/0x40
[ 1006.046377]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1006.047491] RIP: 0033:0x7f78c750cb19
[ 1006.048302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.052329] RSP: 002b:00007f78c4a82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.053988] RAX: ffffffffffffffda RBX: 00007f78c761ff60 RCX: 00007f78c750cb19
[ 1006.055540] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1006.057106] RBP: 00007f78c4a821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1006.058671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.060233] R13: 00007ffff9b84e2f R14: 00007f78c4a82300 R15: 0000000000022000
[ 1006.061807] CPU: 1 PID: 8508 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1006.062616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1006.063562] Call Trace:
[ 1006.063871]  dump_stack+0x107/0x167
[ 1006.064296]  should_fail.cold+0x5/0xa
[ 1006.064737]  should_failslab+0x5/0x20
[ 1006.065178]  __kmalloc_track_caller+0x79/0x370
[ 1006.065697]  ? strndup_user+0x74/0xe0
[ 1006.066135]  memdup_user+0x22/0xd0
[ 1006.066542]  strndup_user+0x74/0xe0
[ 1006.066959]  __x64_sys_mount+0x133/0x300
[ 1006.067423]  ? copy_mnt_ns+0xa00/0xa00
[ 1006.067875]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1006.068486]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.069077]  do_syscall_64+0x33/0x40
[ 1006.069506]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1006.070094] RIP: 0033:0x7faeaa885b19
[ 1006.070522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.072624] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.073499] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1006.074318] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1006.075131] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1006.075958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.076797] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:35:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 2)

[ 1006.091181] FAULT_INJECTION: forcing a failure.
[ 1006.091181] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.092591] CPU: 1 PID: 8512 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1006.093375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1006.094331] Call Trace:
[ 1006.094647]  dump_stack+0x107/0x167
[ 1006.095066]  should_fail.cold+0x5/0xa
[ 1006.095507]  ? create_object.isra.0+0x3a/0xa30
[ 1006.096047]  should_failslab+0x5/0x20
[ 1006.096493]  kmem_cache_alloc+0x5b/0x310
[ 1006.096977]  create_object.isra.0+0x3a/0xa30
[ 1006.097481]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1006.098066]  __kmalloc_track_caller+0x177/0x370
[ 1006.098604]  ? strndup_user+0x74/0xe0
[ 1006.099046]  memdup_user+0x22/0xd0
[ 1006.099455]  strndup_user+0x74/0xe0
[ 1006.099877]  __x64_sys_mount+0x133/0x300
[ 1006.100355]  ? copy_mnt_ns+0xa00/0xa00
[ 1006.100515] FAULT_INJECTION: forcing a failure.
[ 1006.100515] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.100809]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1006.100823]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.100841]  do_syscall_64+0x33/0x40
[ 1006.104859]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1006.105451] RIP: 0033:0x7f9e20d43b19
[ 1006.105884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.108033] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.108917] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1006.109748] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1006.110582] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1006.111423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.112272] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1006.113140] CPU: 0 PID: 8514 Comm: syz-executor.0 Not tainted 5.10.245 #1
20:35:12 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1006.114615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1006.116676] Call Trace:
[ 1006.117252]  dump_stack+0x107/0x167
[ 1006.118045]  should_fail.cold+0x5/0xa
[ 1006.118881]  ? create_object.isra.0+0x3a/0xa30
[ 1006.119882]  should_failslab+0x5/0x20
[ 1006.120719]  kmem_cache_alloc+0x5b/0x310
[ 1006.121604]  create_object.isra.0+0x3a/0xa30
[ 1006.122565]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1006.123668]  __kmalloc_track_caller+0x177/0x370
[ 1006.124682]  ? strndup_user+0x74/0xe0
[ 1006.125520]  memdup_user+0x22/0xd0
[ 1006.126292]  strndup_user+0x74/0xe0
[ 1006.127087]  __x64_sys_mount+0x133/0x300
[ 1006.127978]  ? copy_mnt_ns+0xa00/0xa00
[ 1006.128833]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1006.129975]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.131090]  do_syscall_64+0x33/0x40
[ 1006.131904]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1006.133016] RIP: 0033:0x7fe232629b19
[ 1006.133817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.137785] RSP: 002b:00007fe22fb9f188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.139440] RAX: ffffffffffffffda RBX: 00007fe23273cf60 RCX: 00007fe232629b19
[ 1006.140996] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1006.142546] RBP: 00007fe22fb9f1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1006.144107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.145669] R13: 00007ffcfb4c3d8f R14: 00007fe22fb9f300 R15: 0000000000022000
20:35:25 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 3)

20:35:25 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 3)

20:35:25 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:25 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 2)

20:35:25 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 3)

20:35:25 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf00}, 0x0)

20:35:25 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 3)

[ 1018.757147] FAULT_INJECTION: forcing a failure.
[ 1018.757147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1018.758654] CPU: 1 PID: 8532 Comm: syz-executor.0 Not tainted 5.10.245 #1
[ 1018.759498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.760550] Call Trace:
[ 1018.760883]  dump_stack+0x107/0x167
[ 1018.761346]  should_fail.cold+0x5/0xa
[ 1018.761820]  _copy_from_user+0x2e/0x1b0
[ 1018.762320]  memdup_user+0x65/0xd0
[ 1018.762769]  strndup_user+0x74/0xe0
[ 1018.763216]  __x64_sys_mount+0x133/0x300
[ 1018.763719]  ? copy_mnt_ns+0xa00/0xa00
[ 1018.764216]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1018.764876]  ? syscall_enter_from_user_mode+0x1d/0x50
20:35:25 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1018.765704]  do_syscall_64+0x33/0x40
[ 1018.766317]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1018.766966] RIP: 0033:0x7fe232629b19
[ 1018.767424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.769703] RSP: 002b:00007fe22fb9f188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1018.770641] RAX: ffffffffffffffda RBX: 00007fe23273cf60 RCX: 00007fe232629b19
[ 1018.771516] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1018.772413] RBP: 00007fe22fb9f1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1018.773296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.774176] R13: 00007ffcfb4c3d8f R14: 00007fe22fb9f300 R15: 0000000000022000
[ 1018.776297] FAULT_INJECTION: forcing a failure.
[ 1018.776297] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1018.777751] CPU: 1 PID: 8533 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1018.778587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.779597] Call Trace:
[ 1018.779915]  dump_stack+0x107/0x167
[ 1018.780372]  should_fail.cold+0x5/0xa
[ 1018.780855]  _copy_from_user+0x2e/0x1b0
[ 1018.781338]  memdup_user+0x65/0xd0
[ 1018.781782]  strndup_user+0x74/0xe0
[ 1018.782003] FAULT_INJECTION: forcing a failure.
[ 1018.782003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1018.782226]  __x64_sys_mount+0x133/0x300
[ 1018.782248]  ? copy_mnt_ns+0xa00/0xa00
[ 1018.786365]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1018.787003]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1018.787641]  do_syscall_64+0x33/0x40
[ 1018.788104]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1018.788730] RIP: 0033:0x7f9e20d43b19
[ 1018.789180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.791412] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1018.792367] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1018.793244] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1018.794112] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1018.794985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.795860] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1018.796781] CPU: 0 PID: 8539 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1018.798430] FAULT_INJECTION: forcing a failure.
[ 1018.798430] name failslab, interval 1, probability 0, space 0, times 0
[ 1018.798557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.798565] Call Trace:
[ 1018.798596]  dump_stack+0x107/0x167
[ 1018.803111]  should_fail.cold+0x5/0xa
[ 1018.803936]  _copy_from_user+0x2e/0x1b0
[ 1018.805117]  memdup_user+0x65/0xd0
[ 1018.806028]  strndup_user+0x74/0xe0
[ 1018.806955]  __x64_sys_mount+0x133/0x300
[ 1018.807980]  ? copy_mnt_ns+0xa00/0xa00
[ 1018.808977]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1018.810195]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1018.811379]  do_syscall_64+0x33/0x40
[ 1018.812234]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1018.813422] RIP: 0033:0x7f2fae613b19
[ 1018.814285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.818523] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1018.820277] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1018.821932] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1018.823597] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1018.825255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.826901] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1018.828585] CPU: 1 PID: 8535 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1018.829566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.830743] Call Trace:
[ 1018.831133]  dump_stack+0x107/0x167
[ 1018.831662]  should_fail.cold+0x5/0xa
[ 1018.832214]  ? create_object.isra.0+0x3a/0xa30
[ 1018.832869]  should_failslab+0x5/0x20
[ 1018.833408]  kmem_cache_alloc+0x5b/0x310
[ 1018.833995]  create_object.isra.0+0x3a/0xa30
[ 1018.834620]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1018.835345]  __kmalloc_track_caller+0x177/0x370
[ 1018.835991]  ? strndup_user+0x74/0xe0
[ 1018.836558]  memdup_user+0x22/0xd0
[ 1018.837074]  strndup_user+0x74/0xe0
[ 1018.837580]  __x64_sys_mount+0x133/0x300
[ 1018.838140]  ? copy_mnt_ns+0xa00/0xa00
[ 1018.838686]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1018.839421]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1018.840177]  do_syscall_64+0x33/0x40
[ 1018.840621]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1018.841227] RIP: 0033:0x7faeaa885b19
[ 1018.841666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.843831] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1018.844684] FAULT_INJECTION: forcing a failure.
[ 1018.844684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1018.844734] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1018.844740] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1018.844746] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1018.844751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.844767] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1018.851627] CPU: 0 PID: 8543 Comm: syz-executor.5 Not tainted 5.10.245 #1
[ 1018.853238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1018.855198] Call Trace:
[ 1018.855815]  dump_stack+0x107/0x167
[ 1018.856675]  should_fail.cold+0x5/0xa
[ 1018.857592]  _copy_from_user+0x2e/0x1b0
[ 1018.858535]  memdup_user+0x65/0xd0
[ 1018.859357]  strndup_user+0x74/0xe0
[ 1018.860217]  __x64_sys_mount+0x133/0x300
[ 1018.861165]  ? copy_mnt_ns+0xa00/0xa00
[ 1018.862092]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1018.863321]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1018.864540]  do_syscall_64+0x33/0x40
[ 1018.865421]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1018.866617] RIP: 0033:0x7fd5f2a0cb19
[ 1018.867488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1018.871890] RSP: 002b:00007fd5eff82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1018.873694] RAX: ffffffffffffffda RBX: 00007fd5f2b1ff60 RCX: 00007fd5f2a0cb19
[ 1018.875391] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1018.877087] RBP: 00007fd5eff821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1018.878755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.880505] R13: 00007ffcd398848f R14: 00007fd5eff82300 R15: 0000000000022000
20:35:37 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 4)

20:35:37 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 4)

20:35:37 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 4)

20:35:37 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x7400}, 0x0)

20:35:37 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 4)

20:35:37 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:37 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 3)

20:35:37 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1030.790760] FAULT_INJECTION: forcing a failure.
[ 1030.790760] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.792119] FAULT_INJECTION: forcing a failure.
[ 1030.792119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1030.792715] CPU: 0 PID: 8563 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1030.796412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1030.797740] Call Trace:
[ 1030.798165]  dump_stack+0x107/0x167
[ 1030.798757]  should_fail.cold+0x5/0xa
[ 1030.799386]  ? copy_mount_options+0x55/0x180
[ 1030.800088]  should_failslab+0x5/0x20
[ 1030.800714]  kmem_cache_alloc_trace+0x55/0x320
[ 1030.801439]  ? _copy_from_user+0xfb/0x1b0
[ 1030.802106]  copy_mount_options+0x55/0x180
[ 1030.802784]  __x64_sys_mount+0x1a8/0x300
[ 1030.803443]  ? copy_mnt_ns+0xa00/0xa00
[ 1030.804078]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1030.804999]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1030.805828]  do_syscall_64+0x33/0x40
[ 1030.806423]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1030.807246] RIP: 0033:0x7f9e20d43b19
[ 1030.807854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1030.810854] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1030.812086] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1030.813245] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1030.814384] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1030.815544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.816735] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1030.817915] CPU: 1 PID: 8562 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1030.819537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1030.821495] Call Trace:
[ 1030.822110]  dump_stack+0x107/0x167
[ 1030.822961]  should_fail.cold+0x5/0xa
[ 1030.823862]  _copy_from_user+0x2e/0x1b0
[ 1030.824723] FAULT_INJECTION: forcing a failure.
[ 1030.824723] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.824801]  memdup_user+0x65/0xd0
[ 1030.824820]  strndup_user+0x74/0xe0
[ 1030.828227]  __x64_sys_mount+0x133/0x300
[ 1030.829183]  ? copy_mnt_ns+0xa00/0xa00
[ 1030.830099]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1030.831334]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1030.832558]  do_syscall_64+0x33/0x40
[ 1030.833430]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1030.834616] RIP: 0033:0x7faeaa885b19
[ 1030.835485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1030.839780] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1030.841576] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1030.843236] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1030.844916] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1030.846577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.848250] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1030.849919] CPU: 0 PID: 8568 Comm: syz-executor.5 Not tainted 5.10.245 #1
[ 1030.851017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1030.852349] Call Trace:
[ 1030.852767]  dump_stack+0x107/0x167
[ 1030.853345]  should_fail.cold+0x5/0xa
[ 1030.853947]  ? copy_mount_options+0x55/0x180
[ 1030.854653]  should_failslab+0x5/0x20
[ 1030.855265]  kmem_cache_alloc_trace+0x55/0x320
[ 1030.855989]  ? _copy_from_user+0xfb/0x1b0
[ 1030.856667]  copy_mount_options+0x55/0x180
[ 1030.857352]  __x64_sys_mount+0x1a8/0x300
[ 1030.858001]  ? copy_mnt_ns+0xa00/0xa00
[ 1030.858618]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1030.859445]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1030.860276]  do_syscall_64+0x33/0x40
[ 1030.860869]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1030.861687] RIP: 0033:0x7fd5f2a0cb19
[ 1030.862278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1030.865228] RSP: 002b:00007fd5eff82188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1030.866457] RAX: ffffffffffffffda RBX: 00007fd5f2b1ff60 RCX: 00007fd5f2a0cb19
[ 1030.867578] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1030.868704] RBP: 00007fd5eff821d0 R08: 0000000020000400 R09: 0000000000000000
[ 1030.869832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.870945] R13: 00007ffcd398848f R14: 00007fd5eff82300 R15: 0000000000022000
[ 1030.880976] FAULT_INJECTION: forcing a failure.
[ 1030.880976] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.883565] CPU: 1 PID: 8572 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1030.885138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1030.887049] Call Trace:
[ 1030.887652]  dump_stack+0x107/0x167
20:35:37 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r2, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1030.888504]  should_fail.cold+0x5/0xa
[ 1030.889694]  ? copy_mount_options+0x55/0x180
[ 1030.890694]  should_failslab+0x5/0x20
[ 1030.891580]  kmem_cache_alloc_trace+0x55/0x320
[ 1030.892621]  ? _copy_from_user+0xfb/0x1b0
[ 1030.893570]  copy_mount_options+0x55/0x180
[ 1030.894529]  __x64_sys_mount+0x1a8/0x300
20:35:37 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf000}, 0x0)

[ 1030.895452]  ? copy_mnt_ns+0xa00/0xa00
[ 1030.896422]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1030.897612]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1030.898786]  do_syscall_64+0x33/0x40
[ 1030.899630]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1030.900810] RIP: 0033:0x7f2fae613b19
[ 1030.901653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1030.905862] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1030.907602] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1030.909252] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1030.910892] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1030.912566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.914208] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:35:37 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:37 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x80000}, 0x0)

20:35:37 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 5)

20:35:37 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:37 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:35:37 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf0ffff}, 0x0)

[ 1031.020295] FAULT_INJECTION: forcing a failure.
[ 1031.020295] name failslab, interval 1, probability 0, space 0, times 0
[ 1031.022089] CPU: 0 PID: 8692 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1031.023107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1031.024374] Call Trace:
[ 1031.024772]  dump_stack+0x107/0x167
[ 1031.025308]  should_fail.cold+0x5/0xa
[ 1031.025882]  ? create_object.isra.0+0x3a/0xa30
[ 1031.026562]  should_failslab+0x5/0x20
[ 1031.027126]  kmem_cache_alloc+0x5b/0x310
[ 1031.027738]  create_object.isra.0+0x3a/0xa30
[ 1031.028402]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1031.029149]  kmem_cache_alloc_trace+0x151/0x320
[ 1031.029845]  ? _copy_from_user+0xfb/0x1b0
[ 1031.030466]  copy_mount_options+0x55/0x180
[ 1031.031099]  __x64_sys_mount+0x1a8/0x300
[ 1031.031688]  ? copy_mnt_ns+0xa00/0xa00
[ 1031.032269]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1031.033034]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1031.033797]  do_syscall_64+0x33/0x40
[ 1031.034339]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1031.035096] RIP: 0033:0x7f9e20d43b19
[ 1031.035640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1031.038327] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1031.039459] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1031.040512] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1031.041554] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1031.042614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1031.043674] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
20:35:52 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:35:52 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:35:52 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 6)

20:35:52 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 5)

[ 1045.733473] FAULT_INJECTION: forcing a failure.
[ 1045.733473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1045.736221] CPU: 1 PID: 8710 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1045.737761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1045.739894] Call Trace:
[ 1045.740597]  dump_stack+0x107/0x167
20:35:52 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 5)

[ 1045.741551]  should_fail.cold+0x5/0xa
[ 1045.742672]  _copy_from_user+0x2e/0x1b0
[ 1045.743700]  copy_mount_options+0x76/0x180
[ 1045.744810]  __x64_sys_mount+0x1a8/0x300
[ 1045.745856]  ? copy_mnt_ns+0xa00/0xa00
[ 1045.746877]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1045.748237]  ? syscall_enter_from_user_mode+0x1d/0x50
20:35:52 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x1000000}, 0x0)

20:35:52 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 4)

20:35:52 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1045.749584]  do_syscall_64+0x33/0x40
[ 1045.750696]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1045.752022] RIP: 0033:0x7f9e20d43b19
[ 1045.752986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1045.754270] FAULT_INJECTION: forcing a failure.
[ 1045.754270] name failslab, interval 1, probability 0, space 0, times 0
[ 1045.757734] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1045.757758] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1045.757778] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1045.765566] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1045.767400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1045.769247] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1045.771098] CPU: 0 PID: 8714 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1045.772463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1045.774087] Call Trace:
[ 1045.774613]  dump_stack+0x107/0x167
[ 1045.775338]  should_fail.cold+0x5/0xa
[ 1045.776089]  ? create_object.isra.0+0x3a/0xa30
[ 1045.776989]  should_failslab+0x5/0x20
[ 1045.777739]  kmem_cache_alloc+0x5b/0x310
[ 1045.778535]  create_object.isra.0+0x3a/0xa30
[ 1045.779392]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1045.780403]  kmem_cache_alloc_trace+0x151/0x320
[ 1045.781330]  ? _copy_from_user+0xfb/0x1b0
[ 1045.782147]  copy_mount_options+0x55/0x180
[ 1045.782983]  __x64_sys_mount+0x1a8/0x300
[ 1045.783777]  ? copy_mnt_ns+0xa00/0xa00
[ 1045.784564]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1045.785589]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1045.786609]  do_syscall_64+0x33/0x40
[ 1045.787336]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1045.788341] RIP: 0033:0x7f2fae613b19
[ 1045.789074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1045.792701] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1045.794194] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1045.795595] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1045.797009] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1045.798403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1045.799804] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1045.818271] FAULT_INJECTION: forcing a failure.
[ 1045.818271] name failslab, interval 1, probability 0, space 0, times 0
[ 1045.820622] CPU: 0 PID: 8728 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1045.821987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1045.823617] Call Trace:
[ 1045.824137]  dump_stack+0x107/0x167
[ 1045.824864]  should_fail.cold+0x5/0xa
[ 1045.825618]  ? copy_mount_options+0x55/0x180
[ 1045.826494]  should_failslab+0x5/0x20
[ 1045.827236]  kmem_cache_alloc_trace+0x55/0x320
[ 1045.828129]  ? _copy_from_user+0xfb/0x1b0
[ 1045.828970]  copy_mount_options+0x55/0x180
[ 1045.829800]  __x64_sys_mount+0x1a8/0x300
[ 1045.830601]  ? copy_mnt_ns+0xa00/0xa00
[ 1045.831368]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1045.832419]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1045.833454]  do_syscall_64+0x33/0x40
[ 1045.834191]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1045.835201] RIP: 0033:0x7faeaa885b19
[ 1045.835935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1045.839571] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1045.841091] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1045.842493] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1045.843903] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1045.845327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1045.846733] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:35:52 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x2000000}, 0x0)

[ 1045.899741] 9pnet: Insufficient options for proto=fd
20:35:52 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:35:52 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 7)

20:35:52 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:35:52 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:35:52 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 5)

20:35:52 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1046.038432] FAULT_INJECTION: forcing a failure.
[ 1046.038432] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.040722] CPU: 0 PID: 8945 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1046.041979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1046.043719] Call Trace:
[ 1046.044182]  dump_stack+0x107/0x167
[ 1046.044958]  should_fail.cold+0x5/0xa
[ 1046.045764]  ? getname_flags.part.0+0x50/0x4f0
[ 1046.046726]  should_failslab+0x5/0x20
[ 1046.047530]  kmem_cache_alloc+0x5b/0x310
[ 1046.048230]  getname_flags.part.0+0x50/0x4f0
[ 1046.049166]  ? _copy_from_user+0xfb/0x1b0
[ 1046.049922]  user_path_at_empty+0xa1/0x100
[ 1046.050806]  __x64_sys_mount+0x1e9/0x300
[ 1046.051555]  ? copy_mnt_ns+0xa00/0xa00
[ 1046.052376]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1046.053328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1046.054225]  do_syscall_64+0x33/0x40
[ 1046.055009]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1046.055889] RIP: 0033:0x7f9e20d43b19
[ 1046.056682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1046.059877] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1046.061485] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1046.062989] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1046.064503] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1046.066001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1046.067503] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1046.084468] FAULT_INJECTION: forcing a failure.
[ 1046.084468] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.086951] CPU: 1 PID: 8982 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1046.088415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1046.090162] Call Trace:
[ 1046.090724]  dump_stack+0x107/0x167
[ 1046.091500]  should_fail.cold+0x5/0xa
[ 1046.092304]  ? create_object.isra.0+0x3a/0xa30
[ 1046.093282]  should_failslab+0x5/0x20
[ 1046.094085]  kmem_cache_alloc+0x5b/0x310
[ 1046.094946]  create_object.isra.0+0x3a/0xa30
[ 1046.095872]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1046.096956]  kmem_cache_alloc_trace+0x151/0x320
[ 1046.097940]  ? _copy_from_user+0xfb/0x1b0
[ 1046.098817]  copy_mount_options+0x55/0x180
[ 1046.099710]  __x64_sys_mount+0x1a8/0x300
[ 1046.100577]  ? copy_mnt_ns+0xa00/0xa00
[ 1046.101396]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1046.102496]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1046.103586]  do_syscall_64+0x33/0x40
[ 1046.104371]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1046.105453] RIP: 0033:0x7faeaa885b19
[ 1046.106232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1046.110104] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1046.111715] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1046.113233] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1046.114736] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1046.116242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1046.117755] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:36:05 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf000000}, 0x0)

20:36:05 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1059.090702] FAULT_INJECTION: forcing a failure.
[ 1059.090702] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.094831] CPU: 1 PID: 9073 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1059.096275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.098027] Call Trace:
[ 1059.098590]  dump_stack+0x107/0x167
[ 1059.099359]  should_fail.cold+0x5/0xa
[ 1059.100165]  ? create_object.isra.0+0x3a/0xa30
[ 1059.101140]  should_failslab+0x5/0x20
[ 1059.101943]  kmem_cache_alloc+0x5b/0x310
[ 1059.102803]  create_object.isra.0+0x3a/0xa30
[ 1059.103206] FAULT_INJECTION: forcing a failure.
[ 1059.103206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1059.103727]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1059.103751]  kmem_cache_alloc+0x159/0x310
[ 1059.103774]  getname_flags.part.0+0x50/0x4f0
[ 1059.103799]  ? _copy_from_user+0xfb/0x1b0
[ 1059.109072]  user_path_at_empty+0xa1/0x100
[ 1059.109978]  __x64_sys_mount+0x1e9/0x300
[ 1059.110842]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.111670]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.112798]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.113890]  do_syscall_64+0x33/0x40
[ 1059.114682]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.115770] RIP: 0033:0x7f9e20d43b19
[ 1059.116568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.120460] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.122073] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1059.123590] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.125098] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.126609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.128116] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1059.129656] CPU: 0 PID: 9077 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1059.130583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.131679] Call Trace:
[ 1059.132038]  dump_stack+0x107/0x167
[ 1059.132642]  should_fail.cold+0x5/0xa
[ 1059.133261]  _copy_from_user+0x2e/0x1b0
[ 1059.133904]  copy_mount_options+0x76/0x180
[ 1059.134582]  __x64_sys_mount+0x1a8/0x300
[ 1059.135232]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.135862]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.136706]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.137535]  do_syscall_64+0x33/0x40
[ 1059.138135]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.138961] RIP: 0033:0x7faeaa885b19
[ 1059.139561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.142517] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.143735] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1059.144881] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.146031] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.147182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.148331] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:36:05 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 6)

20:36:05 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 8)

20:36:05 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:05 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:05 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 6)

[ 1059.156215] FAULT_INJECTION: forcing a failure.
[ 1059.156215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1059.158918] CPU: 1 PID: 9084 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1059.160430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.162247] Call Trace:
[ 1059.162826]  dump_stack+0x107/0x167
[ 1059.163620]  should_fail.cold+0x5/0xa
[ 1059.164456]  _copy_from_user+0x2e/0x1b0
[ 1059.165338]  copy_mount_options+0x76/0x180
[ 1059.166256]  __x64_sys_mount+0x1a8/0x300
[ 1059.167132]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.167978]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.169123]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.170251]  do_syscall_64+0x33/0x40
[ 1059.171060]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.172173] RIP: 0033:0x7f2fae613b19
[ 1059.172987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.176989] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.178645] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1059.180194] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.181745] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.183292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.184858] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:36:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x74000000}, 0x0)

20:36:05 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:05 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 9)

20:36:05 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 7)

20:36:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x9effffff}, 0x0)

20:36:05 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1059.306076] FAULT_INJECTION: forcing a failure.
[ 1059.306076] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.307682] CPU: 0 PID: 9300 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1059.308715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.309726] Call Trace:
[ 1059.310125]  dump_stack+0x107/0x167
[ 1059.310672]  should_fail.cold+0x5/0xa
[ 1059.311235]  ? getname_flags.part.0+0x50/0x4f0
[ 1059.311915]  should_failslab+0x5/0x20
[ 1059.312478]  kmem_cache_alloc+0x5b/0x310
[ 1059.313102]  getname_flags.part.0+0x50/0x4f0
[ 1059.313752]  ? _copy_from_user+0xfb/0x1b0
[ 1059.314380]  user_path_at_empty+0xa1/0x100
[ 1059.315009]  __x64_sys_mount+0x1e9/0x300
[ 1059.315613]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.315858] FAULT_INJECTION: forcing a failure.
[ 1059.315858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1059.316196]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.319514]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.320275]  do_syscall_64+0x33/0x40
[ 1059.320832]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.321586] RIP: 0033:0x7faeaa885b19
[ 1059.322131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.324864] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.325983] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1059.327029] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.327898] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.328956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.329827] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1059.330901] CPU: 1 PID: 9303 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1059.332410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.334246] Call Trace:
[ 1059.334827]  dump_stack+0x107/0x167
[ 1059.335631]  should_fail.cold+0x5/0xa
[ 1059.336475]  strncpy_from_user+0x34/0x470
[ 1059.337393]  getname_flags.part.0+0x95/0x4f0
[ 1059.338348]  ? _copy_from_user+0xfb/0x1b0
[ 1059.339254]  user_path_at_empty+0xa1/0x100
[ 1059.340180]  __x64_sys_mount+0x1e9/0x300
[ 1059.341066]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.341919]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.343066]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.344195]  do_syscall_64+0x33/0x40
[ 1059.345012]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.346133] RIP: 0033:0x7f9e20d43b19
[ 1059.346372] 9pnet: Insufficient options for proto=fd
[ 1059.346937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.346948] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.353362] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1059.354931] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.356489] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.358014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.359523] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
20:36:05 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 7)

20:36:05 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf0ffffff}, 0x0)

20:36:05 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:05 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1059.410882] FAULT_INJECTION: forcing a failure.
[ 1059.410882] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.412317] CPU: 0 PID: 9341 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1059.413116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1059.414142] Call Trace:
[ 1059.414458]  dump_stack+0x107/0x167
[ 1059.414879]  should_fail.cold+0x5/0xa
[ 1059.415315]  ? getname_flags.part.0+0x50/0x4f0
[ 1059.415843]  should_failslab+0x5/0x20
[ 1059.416307]  kmem_cache_alloc+0x5b/0x310
[ 1059.416790]  getname_flags.part.0+0x50/0x4f0
[ 1059.417298]  ? _copy_from_user+0xfb/0x1b0
[ 1059.417778]  user_path_at_empty+0xa1/0x100
[ 1059.418260]  __x64_sys_mount+0x1e9/0x300
[ 1059.418729]  ? copy_mnt_ns+0xa00/0xa00
[ 1059.419183]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1059.419778]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1059.420366]  do_syscall_64+0x33/0x40
[ 1059.420798]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1059.421419] RIP: 0033:0x7f2fae613b19
[ 1059.421848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1059.424057] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.424938] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1059.425792] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1059.426610] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1059.427464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.428294] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:36:18 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 10)

20:36:18 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:18 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1071.464393] FAULT_INJECTION: forcing a failure.
[ 1071.464393] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.466240] CPU: 1 PID: 9537 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1071.467298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.468600] Call Trace:
[ 1071.469034]  dump_stack+0x107/0x167
[ 1071.469623]  should_fail.cold+0x5/0xa
[ 1071.470220]  ? alloc_fs_context+0x57/0x840
[ 1071.470906]  should_failslab+0x5/0x20
20:36:18 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 8)

20:36:18 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1071.471510]  kmem_cache_alloc_trace+0x55/0x320
[ 1071.472394]  alloc_fs_context+0x57/0x840
[ 1071.473053]  path_mount+0xab1/0x21e0
[ 1071.473645]  ? strncpy_from_user+0x9e/0x470
[ 1071.474344]  ? finish_automount+0xa90/0xa90
[ 1071.475035]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1071.475790]  ? _copy_from_user+0xfb/0x1b0
[ 1071.476451]  __x64_sys_mount+0x282/0x300
[ 1071.477113]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.477756]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.478596]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.479426]  do_syscall_64+0x33/0x40
[ 1071.480030]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.480855] RIP: 0033:0x7f9e20d43b19
[ 1071.481466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.484443] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
20:36:18 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 8)

20:36:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xfffff000}, 0x0)

[ 1071.485682] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1071.487007] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.488166] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
20:36:18 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:18 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1071.489331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1071.490584] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1071.500640] FAULT_INJECTION: forcing a failure.
[ 1071.500640] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.502544] CPU: 1 PID: 9541 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1071.503674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.505043] Call Trace:
[ 1071.505472]  dump_stack+0x107/0x167
[ 1071.506064]  should_fail.cold+0x5/0xa
[ 1071.506686]  ? create_object.isra.0+0x3a/0xa30
[ 1071.507435]  should_failslab+0x5/0x20
[ 1071.508051]  kmem_cache_alloc+0x5b/0x310
[ 1071.508717]  create_object.isra.0+0x3a/0xa30
[ 1071.509424]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1071.510246]  kmem_cache_alloc+0x159/0x310
[ 1071.510919]  getname_flags.part.0+0x50/0x4f0
[ 1071.511634]  ? _copy_from_user+0xfb/0x1b0
20:36:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xffffff7f}, 0x0)

[ 1071.512297]  user_path_at_empty+0xa1/0x100
[ 1071.513167]  __x64_sys_mount+0x1e9/0x300
[ 1071.513825]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.514462]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.515307]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.516150]  do_syscall_64+0x33/0x40
[ 1071.516763]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.517591] RIP: 0033:0x7f2fae613b19
[ 1071.518189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.521180] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1071.522417] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1071.523579] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.524745] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1071.525897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1071.527042] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1071.531964] FAULT_INJECTION: forcing a failure.
[ 1071.531964] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.533789] CPU: 1 PID: 9547 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1071.534888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.536210] Call Trace:
[ 1071.536629]  dump_stack+0x107/0x167
[ 1071.537216]  should_fail.cold+0x5/0xa
[ 1071.537827]  ? create_object.isra.0+0x3a/0xa30
[ 1071.538553]  should_failslab+0x5/0x20
[ 1071.539159]  kmem_cache_alloc+0x5b/0x310
[ 1071.539814]  create_object.isra.0+0x3a/0xa30
[ 1071.540517]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1071.541345]  kmem_cache_alloc+0x159/0x310
[ 1071.542015]  getname_flags.part.0+0x50/0x4f0
[ 1071.542721]  ? _copy_from_user+0xfb/0x1b0
[ 1071.543388]  user_path_at_empty+0xa1/0x100
[ 1071.544068]  __x64_sys_mount+0x1e9/0x300
[ 1071.544736]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.545376]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.546220]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.547052]  do_syscall_64+0x33/0x40
[ 1071.547655]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.548482] RIP: 0033:0x7faeaa885b19
[ 1071.549097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.552070] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1071.553309] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1071.554464] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.555616] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1071.556783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1071.557935] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:36:18 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1071.592655] 9pnet: Insufficient options for proto=fd
20:36:18 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 11)

20:36:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xffffff9e}, 0x0)

20:36:18 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 9)

20:36:18 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 9)

[ 1071.666085] FAULT_INJECTION: forcing a failure.
[ 1071.666085] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.667645] CPU: 0 PID: 9766 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1071.668612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.669597] Call Trace:
[ 1071.669972]  dump_stack+0x107/0x167
[ 1071.670485]  should_fail.cold+0x5/0xa
[ 1071.671019]  ? create_object.isra.0+0x3a/0xa30
[ 1071.671661]  should_failslab+0x5/0x20
[ 1071.672201]  kmem_cache_alloc+0x5b/0x310
[ 1071.672784]  create_object.isra.0+0x3a/0xa30
[ 1071.673398]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1071.674120]  kmem_cache_alloc_trace+0x151/0x320
[ 1071.674787]  alloc_fs_context+0x57/0x840
[ 1071.675363]  path_mount+0xab1/0x21e0
[ 1071.675890]  ? strncpy_from_user+0x9e/0x470
[ 1071.676498]  ? finish_automount+0xa90/0xa90
[ 1071.677118]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1071.677777]  ? _copy_from_user+0xfb/0x1b0
[ 1071.678184] FAULT_INJECTION: forcing a failure.
[ 1071.678184] name failslab, interval 1, probability 0, space 0, times 0
[ 1071.678355]  __x64_sys_mount+0x282/0x300
[ 1071.680784]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.681335]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.682070]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.682793]  do_syscall_64+0x33/0x40
[ 1071.683316]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.684034] RIP: 0033:0x7f9e20d43b19
[ 1071.684556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.687167] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1071.688237] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1071.689255] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.690094] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1071.691106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1071.691935] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1071.693010] CPU: 1 PID: 9774 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1071.694143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.695500] Call Trace:
[ 1071.695933]  dump_stack+0x107/0x167
[ 1071.696534]  should_fail.cold+0x5/0xa
[ 1071.697166]  ? create_object.isra.0+0x3a/0xa30
[ 1071.697903]  should_failslab+0x5/0x20
[ 1071.698513]  kmem_cache_alloc+0x5b/0x310
[ 1071.699170]  create_object.isra.0+0x3a/0xa30
[ 1071.699878]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1071.700708]  kmem_cache_alloc+0x159/0x310
[ 1071.701375]  getname_flags.part.0+0x50/0x4f0
[ 1071.702084]  ? _copy_from_user+0xfb/0x1b0
[ 1071.702754]  user_path_at_empty+0xa1/0x100
[ 1071.703435]  __x64_sys_mount+0x1e9/0x300
[ 1071.704086]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.704725]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.705568]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.706398]  do_syscall_64+0x33/0x40
[ 1071.706997]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.707820] RIP: 0033:0x7f2fae613b19
[ 1071.708416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.711388] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1071.712616] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1071.713773] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.714918] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1071.716068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1071.717223] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1071.736478] FAULT_INJECTION: forcing a failure.
[ 1071.736478] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1071.738397] CPU: 1 PID: 9780 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1071.739511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1071.740865] Call Trace:
[ 1071.741290]  dump_stack+0x107/0x167
[ 1071.741883]  should_fail.cold+0x5/0xa
[ 1071.742505]  strncpy_from_user+0x34/0x470
[ 1071.743174]  getname_flags.part.0+0x95/0x4f0
[ 1071.743886]  ? _copy_from_user+0xfb/0x1b0
[ 1071.744557]  user_path_at_empty+0xa1/0x100
[ 1071.745245]  __x64_sys_mount+0x1e9/0x300
[ 1071.745899]  ? copy_mnt_ns+0xa00/0xa00
[ 1071.746528]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1071.747369]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1071.748205]  do_syscall_64+0x33/0x40
[ 1071.748814]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1071.749639] RIP: 0033:0x7faeaa885b19
[ 1071.750240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1071.753218] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1071.754448] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1071.755618] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1071.756785] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1071.757931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1071.759077] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1071.775889] 9pnet: Insufficient options for proto=fd
20:36:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:31 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 10)

20:36:31 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 10)

20:36:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:31 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:36:31 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 12)

20:36:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xfffffff0}, 0x0)

[ 1084.534856] FAULT_INJECTION: forcing a failure.
[ 1084.534856] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.537334] CPU: 1 PID: 9795 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1084.538771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1084.540554] Call Trace:
[ 1084.541129]  dump_stack+0x107/0x167
[ 1084.541898]  should_fail.cold+0x5/0xa
[ 1084.542701]  ? alloc_fs_context+0x57/0x840
[ 1084.543590]  should_failslab+0x5/0x20
[ 1084.544402]  kmem_cache_alloc_trace+0x55/0x320
[ 1084.545391]  alloc_fs_context+0x57/0x840
[ 1084.546258]  path_mount+0xab1/0x21e0
[ 1084.547065]  ? strncpy_from_user+0x9e/0x470
[ 1084.547981]  ? finish_automount+0xa90/0xa90
[ 1084.548911]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1084.549906]  ? _copy_from_user+0xfb/0x1b0
[ 1084.550788]  __x64_sys_mount+0x282/0x300
[ 1084.551645]  ? copy_mnt_ns+0xa00/0xa00
[ 1084.552197] FAULT_INJECTION: forcing a failure.
[ 1084.552197] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.552482]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1084.556003]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1084.557119]  do_syscall_64+0x33/0x40
[ 1084.557909]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1084.558991] RIP: 0033:0x7faeaa885b19
[ 1084.559779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1084.563686] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1084.565310] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1084.566827] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1084.568344] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1084.569876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1084.571403] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:36:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1084.572958] CPU: 0 PID: 9808 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1084.574585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1084.576374] Call Trace:
[ 1084.576965]  dump_stack+0x107/0x167
[ 1084.577748]  should_fail.cold+0x5/0xa
[ 1084.578574]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1084.579703]  should_failslab+0x5/0x20
[ 1084.580522]  __kmalloc_node+0x76/0x420
[ 1084.581374]  ? lock_downgrade+0x6d0/0x6d0
[ 1084.582273]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1084.583370]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1084.584459]  ? trace_hardirqs_on+0x5b/0x180
[ 1084.585405]  kmem_cache_alloc_trace+0x169/0x320
[ 1084.586410]  alloc_fs_context+0x57/0x840
[ 1084.587289]  path_mount+0xab1/0x21e0
[ 1084.588096]  ? strncpy_from_user+0x9e/0x470
[ 1084.589037]  ? finish_automount+0xa90/0xa90
[ 1084.589966]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1084.590964]  ? _copy_from_user+0xfb/0x1b0
[ 1084.591863]  __x64_sys_mount+0x282/0x300
[ 1084.592734]  ? copy_mnt_ns+0xa00/0xa00
[ 1084.593582]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1084.594723]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1084.595837]  do_syscall_64+0x33/0x40
[ 1084.596640]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1084.597769] RIP: 0033:0x7f9e20d43b19
[ 1084.598578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1084.602564] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1084.604193] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1084.605743] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1084.607269] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1084.608797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1084.610340] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1084.617984] FAULT_INJECTION: forcing a failure.
[ 1084.617984] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.620564] CPU: 0 PID: 9792 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1084.622073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1084.623884] Call Trace:
[ 1084.624461]  dump_stack+0x107/0x167
[ 1084.625278]  should_fail.cold+0x5/0xa
[ 1084.626108]  ? alloc_fs_context+0x57/0x840
[ 1084.627026]  should_failslab+0x5/0x20
[ 1084.627852]  kmem_cache_alloc_trace+0x55/0x320
[ 1084.628858]  alloc_fs_context+0x57/0x840
[ 1084.629748]  path_mount+0xab1/0x21e0
[ 1084.630562]  ? strncpy_from_user+0x9e/0x470
[ 1084.631499]  ? finish_automount+0xa90/0xa90
[ 1084.632427]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1084.633450]  ? _copy_from_user+0xfb/0x1b0
[ 1084.634367]  __x64_sys_mount+0x282/0x300
[ 1084.635246]  ? copy_mnt_ns+0xa00/0xa00
[ 1084.636097]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1084.637250]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1084.638375]  do_syscall_64+0x33/0x40
[ 1084.639186]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1084.640299] RIP: 0033:0x7f2fae613b19
[ 1084.641118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1084.645139] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1084.646804] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1084.648360] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1084.649926] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1084.651478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1084.653043] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:36:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x8000000000000}, 0x0)

20:36:46 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:46 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:36:46 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 11)

20:36:46 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:46 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 11)

20:36:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf0ffffffffffff}, 0x0)

20:36:46 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 13)

20:36:46 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1099.602926] FAULT_INJECTION: forcing a failure.
[ 1099.602926] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.606442] CPU: 0 PID: 10032 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1099.608502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.610977] Call Trace:
[ 1099.611763]  dump_stack+0x107/0x167
[ 1099.612850]  should_fail.cold+0x5/0xa
[ 1099.613997]  ? create_object.isra.0+0x3a/0xa30
[ 1099.615354]  should_failslab+0x5/0x20
[ 1099.616487]  kmem_cache_alloc+0x5b/0x310
[ 1099.617742]  create_object.isra.0+0x3a/0xa30
[ 1099.619052]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1099.620570]  kmem_cache_alloc_trace+0x151/0x320
[ 1099.621999]  alloc_fs_context+0x57/0x840
[ 1099.623220]  path_mount+0xab1/0x21e0
[ 1099.624206] FAULT_INJECTION: forcing a failure.
[ 1099.624206] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.624340]  ? strncpy_from_user+0x9e/0x470
[ 1099.628112]  ? finish_automount+0xa90/0xa90
[ 1099.629409]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1099.630794]  ? _copy_from_user+0xfb/0x1b0
[ 1099.632035]  __x64_sys_mount+0x282/0x300
[ 1099.633250]  ? copy_mnt_ns+0xa00/0xa00
[ 1099.634401]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1099.635942]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1099.637475]  do_syscall_64+0x33/0x40
[ 1099.638476]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1099.639763] RIP: 0033:0x7f2fae613b19
[ 1099.640709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1099.645391] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1099.647338] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1099.649165] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1099.651007] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1099.652814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1099.654636] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1099.656473] CPU: 1 PID: 10042 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1099.658046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.659903] Call Trace:
[ 1099.660501]  dump_stack+0x107/0x167
[ 1099.661336]  should_fail.cold+0x5/0xa
[ 1099.662192]  ? create_object.isra.0+0x3a/0xa30
[ 1099.663218]  should_failslab+0x5/0x20
[ 1099.664074]  kmem_cache_alloc+0x5b/0x310
[ 1099.665006]  create_object.isra.0+0x3a/0xa30
[ 1099.666003]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1099.667152]  kmem_cache_alloc_trace+0x151/0x320
[ 1099.668199]  ? lockdep_init_map_type+0x2c7/0x780
[ 1099.669274]  legacy_init_fs_context+0x44/0xe0
[ 1099.670284]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1099.671402]  alloc_fs_context+0x4fd/0x840
[ 1099.672335]  path_mount+0xab1/0x21e0
[ 1099.673190]  ? strncpy_from_user+0x9e/0x470
[ 1099.673444] FAULT_INJECTION: forcing a failure.
[ 1099.673444] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.674151]  ? finish_automount+0xa90/0xa90
[ 1099.674175]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1099.674203]  ? _copy_from_user+0xfb/0x1b0
[ 1099.679861]  __x64_sys_mount+0x282/0x300
[ 1099.680768]  ? copy_mnt_ns+0xa00/0xa00
[ 1099.681660]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1099.682836]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1099.683987]  do_syscall_64+0x33/0x40
[ 1099.684827]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1099.685985] RIP: 0033:0x7f9e20d43b19
[ 1099.686818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1099.690940] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1099.692643] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1099.694246] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1099.695837] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1099.697447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1099.699037] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1099.700659] CPU: 0 PID: 10049 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1099.702398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1099.704453] Call Trace:
[ 1099.705123]  dump_stack+0x107/0x167
[ 1099.706030]  should_fail.cold+0x5/0xa
[ 1099.706975]  ? create_object.isra.0+0x3a/0xa30
[ 1099.708106]  should_failslab+0x5/0x20
[ 1099.709080]  kmem_cache_alloc+0x5b/0x310
[ 1099.710095]  create_object.isra.0+0x3a/0xa30
[ 1099.711189]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1099.712454]  kmem_cache_alloc_trace+0x151/0x320
[ 1099.713640]  alloc_fs_context+0x57/0x840
[ 1099.714669]  path_mount+0xab1/0x21e0
[ 1099.715606]  ? strncpy_from_user+0x9e/0x470
[ 1099.716677]  ? finish_automount+0xa90/0xa90
[ 1099.717782]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1099.718940]  ? _copy_from_user+0xfb/0x1b0
[ 1099.719969]  __x64_sys_mount+0x282/0x300
[ 1099.720961]  ? copy_mnt_ns+0xa00/0xa00
[ 1099.721958]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1099.723242]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1099.724520]  do_syscall_64+0x33/0x40
[ 1099.725459]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1099.726713] RIP: 0033:0x7faeaa885b19
[ 1099.727622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1099.732158] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1099.734068] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1099.735822] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1099.737604] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1099.739364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1099.741124] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:36:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x100000000000000}, 0x0)

20:36:46 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x48, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:46 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:46 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:36:46 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1099.884421] 9pnet: Insufficient options for proto=fd
20:36:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x200000000000000}, 0x0)

20:36:46 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:36:46 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 12)

20:36:46 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x68, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:36:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf00000000000000}, 0x0)

20:36:46 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1100.062114] FAULT_INJECTION: forcing a failure.
[ 1100.062114] name failslab, interval 1, probability 0, space 0, times 0
[ 1100.064611] CPU: 0 PID: 10426 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1100.066123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1100.067924] Call Trace:
[ 1100.068496]  dump_stack+0x107/0x167
[ 1100.069301]  should_fail.cold+0x5/0xa
[ 1100.070129]  ? legacy_init_fs_context+0x44/0xe0
[ 1100.071133]  should_failslab+0x5/0x20
[ 1100.071961]  kmem_cache_alloc_trace+0x55/0x320
[ 1100.072952]  ? lockdep_init_map_type+0x2c7/0x780
[ 1100.073996]  legacy_init_fs_context+0x44/0xe0
[ 1100.074976]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1100.076063]  alloc_fs_context+0x4fd/0x840
[ 1100.076970]  path_mount+0xab1/0x21e0
[ 1100.077799]  ? strncpy_from_user+0x9e/0x470
[ 1100.078742]  ? finish_automount+0xa90/0xa90
[ 1100.079679]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1100.080696]  ? _copy_from_user+0xfb/0x1b0
[ 1100.081612]  __x64_sys_mount+0x282/0x300
[ 1100.082515]  ? copy_mnt_ns+0xa00/0xa00
[ 1100.083374]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1100.084534]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1100.085681]  do_syscall_64+0x33/0x40
[ 1100.086500]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1100.087631] RIP: 0033:0x7f2fae613b19
[ 1100.088447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1100.092629] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1100.094370] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1100.095994] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1100.097625] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1100.099247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1100.100885] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:36:46 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 12)

[ 1100.181902] FAULT_INJECTION: forcing a failure.
[ 1100.181902] name failslab, interval 1, probability 0, space 0, times 0
[ 1100.184810] CPU: 0 PID: 10494 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1100.186584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1100.188703] Call Trace:
[ 1100.189384]  dump_stack+0x107/0x167
[ 1100.190312]  should_fail.cold+0x5/0xa
[ 1100.191285]  ? legacy_init_fs_context+0x44/0xe0
[ 1100.192483]  should_failslab+0x5/0x20
[ 1100.193423]  kmem_cache_alloc_trace+0x55/0x320
[ 1100.194503]  ? lockdep_init_map_type+0x2c7/0x780
[ 1100.195729]  legacy_init_fs_context+0x44/0xe0
[ 1100.196885]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1100.198186]  alloc_fs_context+0x4fd/0x840
[ 1100.199273]  path_mount+0xab1/0x21e0
[ 1100.200224]  ? strncpy_from_user+0x9e/0x470
[ 1100.201212]  ? finish_automount+0xa90/0xa90
[ 1100.202336]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1100.203545]  ? _copy_from_user+0xfb/0x1b0
[ 1100.204551]  __x64_sys_mount+0x282/0x300
[ 1100.205458]  ? copy_mnt_ns+0xa00/0xa00
[ 1100.206325]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1100.207487]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1100.208631]  do_syscall_64+0x33/0x40
[ 1100.209465]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1100.210611] RIP: 0033:0x7faeaa885b19
[ 1100.211445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1100.215603] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1100.217335] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1100.218956] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1100.220576] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1100.222187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1100.223819] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:01 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:01 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 13)

20:37:01 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:01 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x7400000000000000}, 0x0)

20:37:01 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 14)

20:37:01 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1114.795071] FAULT_INJECTION: forcing a failure.
[ 1114.795071] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.796450] CPU: 1 PID: 10617 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1114.797278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1114.798250] Call Trace:
[ 1114.798559]  dump_stack+0x107/0x167
[ 1114.798984]  should_fail.cold+0x5/0xa
[ 1114.799424]  ? create_object.isra.0+0x3a/0xa30
[ 1114.799966]  should_failslab+0x5/0x20
[ 1114.800411]  kmem_cache_alloc+0x5b/0x310
[ 1114.800885]  create_object.isra.0+0x3a/0xa30
[ 1114.801421]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
20:37:01 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:01 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 13)

[ 1114.802019]  kmem_cache_alloc_trace+0x151/0x320
[ 1114.802760]  legacy_init_fs_context+0x44/0xe0
[ 1114.803279]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1114.803865]  alloc_fs_context+0x4fd/0x840
[ 1114.804351]  path_mount+0xab1/0x21e0
[ 1114.804789]  ? strncpy_from_user+0x9e/0x470
[ 1114.805320]  ? finish_automount+0xa90/0xa90
[ 1114.805828]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1114.806360]  ? _copy_from_user+0xfb/0x1b0
[ 1114.806843]  __x64_sys_mount+0x282/0x300
[ 1114.807305]  ? copy_mnt_ns+0xa00/0xa00
[ 1114.807761]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1114.808373]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1114.808972]  do_syscall_64+0x33/0x40
[ 1114.809436]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1114.810028] RIP: 0033:0x7f2fae613b19
[ 1114.810468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1114.812609] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1114.813505] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1114.814328] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1114.815147] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1114.815970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1114.816790] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1114.822695] FAULT_INJECTION: forcing a failure.
[ 1114.822695] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.824037] CPU: 1 PID: 10623 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1114.824846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1114.825837] Call Trace:
[ 1114.826140]  dump_stack+0x107/0x167
[ 1114.826558]  should_fail.cold+0x5/0xa
[ 1114.827000]  ? v9fs_mount+0x5a/0x8f0
[ 1114.827436]  should_failslab+0x5/0x20
[ 1114.827888]  kmem_cache_alloc_trace+0x55/0x320
[ 1114.828419]  ? v9fs_write_inode+0x60/0x60
[ 1114.828905]  v9fs_mount+0x5a/0x8f0
[ 1114.829334]  ? v9fs_write_inode+0x60/0x60
[ 1114.829836]  legacy_get_tree+0x105/0x220
[ 1114.830306]  vfs_get_tree+0x8e/0x300
[ 1114.830740]  path_mount+0x1490/0x21e0
[ 1114.831193]  ? strncpy_from_user+0x9e/0x470
[ 1114.831689]  ? finish_automount+0xa90/0xa90
[ 1114.832184]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1114.832718]  ? _copy_from_user+0xfb/0x1b0
[ 1114.833224]  __x64_sys_mount+0x282/0x300
[ 1114.833709]  ? copy_mnt_ns+0xa00/0xa00
[ 1114.834164]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1114.834770]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1114.835369]  do_syscall_64+0x33/0x40
[ 1114.835797]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1114.836393] RIP: 0033:0x7f9e20d43b19
[ 1114.836822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1114.837413] FAULT_INJECTION: forcing a failure.
[ 1114.837413] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.838956] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1114.838967] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1114.838973] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1114.838978] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1114.838984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1114.838989] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1114.844690] 9pnet: Insufficient options for proto=fd
[ 1114.844900] CPU: 0 PID: 10625 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1114.853094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1114.854951] Call Trace:
[ 1114.855532]  dump_stack+0x107/0x167
[ 1114.856343]  should_fail.cold+0x5/0xa
[ 1114.857202]  ? create_object.isra.0+0x3a/0xa30
[ 1114.858219]  should_failslab+0x5/0x20
[ 1114.859074]  kmem_cache_alloc+0x5b/0x310
[ 1114.859985]  create_object.isra.0+0x3a/0xa30
[ 1114.860963]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1114.862121]  kmem_cache_alloc_trace+0x151/0x320
[ 1114.863176]  ? lockdep_init_map_type+0x2c7/0x780
[ 1114.864228]  legacy_init_fs_context+0x44/0xe0
[ 1114.865234]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1114.866339]  alloc_fs_context+0x4fd/0x840
[ 1114.867283]  path_mount+0xab1/0x21e0
[ 1114.868121]  ? strncpy_from_user+0x9e/0x470
[ 1114.869087]  ? finish_automount+0xa90/0xa90
[ 1114.870064]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1114.871109]  ? _copy_from_user+0xfb/0x1b0
[ 1114.872023]  __x64_sys_mount+0x282/0x300
[ 1114.872920]  ? copy_mnt_ns+0xa00/0xa00
[ 1114.873793]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1114.874973]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1114.876132]  do_syscall_64+0x33/0x40
[ 1114.876964]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1114.878112] RIP: 0033:0x7faeaa885b19
[ 1114.878946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1114.883052] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1114.884732] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1114.886343] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1114.887938] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1114.889529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1114.891130] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:01 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:01 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 15)

20:37:01 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 14)

20:37:01 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x9effffff00000000}, 0x0)

[ 1114.926054] FAULT_INJECTION: forcing a failure.
[ 1114.926054] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.928584] CPU: 0 PID: 10720 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1114.930113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1114.931916] Call Trace:
[ 1114.932494]  dump_stack+0x107/0x167
[ 1114.933300]  should_fail.cold+0x5/0xa
[ 1114.934130]  ? v9fs_mount+0x5a/0x8f0
[ 1114.934982]  should_failslab+0x5/0x20
[ 1114.935819]  kmem_cache_alloc_trace+0x55/0x320
[ 1114.936818]  ? v9fs_write_inode+0x60/0x60
[ 1114.937738]  v9fs_mount+0x5a/0x8f0
[ 1114.938513]  ? v9fs_write_inode+0x60/0x60
[ 1114.939420]  legacy_get_tree+0x105/0x220
[ 1114.940310]  vfs_get_tree+0x8e/0x300
[ 1114.941124]  path_mount+0x1490/0x21e0
[ 1114.941983]  ? strncpy_from_user+0x9e/0x470
[ 1114.942922]  ? finish_automount+0xa90/0xa90
[ 1114.943861]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1114.944881]  ? _copy_from_user+0xfb/0x1b0
[ 1114.945805]  __x64_sys_mount+0x282/0x300
[ 1114.946687]  ? copy_mnt_ns+0xa00/0xa00
[ 1114.947546]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1114.948694]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1114.949837]  do_syscall_64+0x33/0x40
[ 1114.950660]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1114.951786] RIP: 0033:0x7f2fae613b19
[ 1114.952603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1114.956654] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1114.958331] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1114.959890] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1114.961466] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1114.963022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1114.964586] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:37:01 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xf0ffffff00000000}, 0x0)

20:37:01 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 14)

[ 1115.029952] FAULT_INJECTION: forcing a failure.
[ 1115.029952] name failslab, interval 1, probability 0, space 0, times 0
[ 1115.032445] CPU: 0 PID: 10840 Comm: syz-executor.6 Not tainted 5.10.245 #1
[ 1115.033965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1115.035778] Call Trace:
[ 1115.036362]  dump_stack+0x107/0x167
[ 1115.037158]  should_fail.cold+0x5/0xa
[ 1115.038018]  ? create_object.isra.0+0x3a/0xa30
[ 1115.039020]  should_failslab+0x5/0x20
[ 1115.039813] FAULT_INJECTION: forcing a failure.
[ 1115.039813] name failslab, interval 1, probability 0, space 0, times 0
[ 1115.039856]  kmem_cache_alloc+0x5b/0x310
[ 1115.042037]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1115.043176]  create_object.isra.0+0x3a/0xa30
[ 1115.044135]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1115.045260]  kmem_cache_alloc_trace+0x151/0x320
[ 1115.046278]  ? v9fs_write_inode+0x60/0x60
[ 1115.047183]  v9fs_mount+0x5a/0x8f0
[ 1115.047957]  ? v9fs_write_inode+0x60/0x60
[ 1115.048858]  legacy_get_tree+0x105/0x220
[ 1115.049760]  vfs_get_tree+0x8e/0x300
[ 1115.050574]  path_mount+0x1490/0x21e0
[ 1115.051411]  ? strncpy_from_user+0x9e/0x470
[ 1115.052356]  ? finish_automount+0xa90/0xa90
[ 1115.053309]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1115.054325]  ? _copy_from_user+0xfb/0x1b0
[ 1115.055240]  __x64_sys_mount+0x282/0x300
[ 1115.056126]  ? copy_mnt_ns+0xa00/0xa00
[ 1115.056984]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1115.058135]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1115.059268]  do_syscall_64+0x33/0x40
[ 1115.060083]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1115.061222] RIP: 0033:0x7f9e20d43b19
[ 1115.062032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1115.066061] RSP: 002b:00007f9e1e2b9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1115.067730] RAX: ffffffffffffffda RBX: 00007f9e20e56f60 RCX: 00007f9e20d43b19
[ 1115.069303] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1115.070860] RBP: 00007f9e1e2b91d0 R08: 0000000020000400 R09: 0000000000000000
[ 1115.072422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1115.073996] R13: 00007fff5bbb42bf R14: 00007f9e1e2b9300 R15: 0000000000022000
[ 1115.075594] CPU: 1 PID: 10846 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1115.076406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1115.077380] Call Trace:
[ 1115.077695]  dump_stack+0x107/0x167
[ 1115.078117]  should_fail.cold+0x5/0xa
[ 1115.078557]  ? v9fs_mount+0x5a/0x8f0
[ 1115.078986]  should_failslab+0x5/0x20
[ 1115.079430]  kmem_cache_alloc_trace+0x55/0x320
[ 1115.079955]  ? v9fs_write_inode+0x60/0x60
[ 1115.080433]  v9fs_mount+0x5a/0x8f0
[ 1115.080842]  ? v9fs_write_inode+0x60/0x60
[ 1115.081343]  legacy_get_tree+0x105/0x220
[ 1115.081810]  vfs_get_tree+0x8e/0x300
[ 1115.082239]  path_mount+0x1490/0x21e0
[ 1115.082684]  ? strncpy_from_user+0x9e/0x470
[ 1115.083181]  ? finish_automount+0xa90/0xa90
[ 1115.083678]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1115.084214]  ? _copy_from_user+0xfb/0x1b0
[ 1115.084694]  __x64_sys_mount+0x282/0x300
[ 1115.085178]  ? copy_mnt_ns+0xa00/0xa00
[ 1115.085641]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1115.086248]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1115.086844]  do_syscall_64+0x33/0x40
[ 1115.087276]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1115.087869] RIP: 0033:0x7faeaa885b19
[ 1115.088298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1115.090438] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1115.091313] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1115.092139] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1115.092956] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1115.093802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1115.094623] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:15 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 16)

20:37:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xffffff7f00000000}, 0x0)

20:37:15 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 15)

20:37:15 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:15 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 15)

20:37:15 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1129.202615] FAULT_INJECTION: forcing a failure.
[ 1129.202615] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.205255] CPU: 0 PID: 10861 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1129.206870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1129.208766] Call Trace:
[ 1129.209387]  dump_stack+0x107/0x167
[ 1129.210219]  should_fail.cold+0x5/0xa
[ 1129.211100]  ? create_object.isra.0+0x3a/0xa30
[ 1129.211867] FAULT_INJECTION: forcing a failure.
[ 1129.211867] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.212152]  should_failslab+0x5/0x20
[ 1129.215391]  kmem_cache_alloc+0x5b/0x310
[ 1129.216323]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1129.217513]  create_object.isra.0+0x3a/0xa30
[ 1129.218517]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1129.219684]  kmem_cache_alloc_trace+0x151/0x320
[ 1129.220770]  ? v9fs_write_inode+0x60/0x60
[ 1129.221728]  v9fs_mount+0x5a/0x8f0
[ 1129.222553]  ? v9fs_write_inode+0x60/0x60
[ 1129.223500]  legacy_get_tree+0x105/0x220
[ 1129.224448]  vfs_get_tree+0x8e/0x300
[ 1129.225331]  path_mount+0x1490/0x21e0
[ 1129.226233]  ? strncpy_from_user+0x9e/0x470
[ 1129.227267]  ? finish_automount+0xa90/0xa90
[ 1129.228284]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1129.229381]  ? _copy_from_user+0xfb/0x1b0
[ 1129.230360]  __x64_sys_mount+0x282/0x300
[ 1129.231322]  ? copy_mnt_ns+0xa00/0xa00
[ 1129.232253]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1129.233483]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1129.234686]  do_syscall_64+0x33/0x40
[ 1129.235581]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1129.236790] RIP: 0033:0x7faeaa885b19
[ 1129.237675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1129.242012] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1129.243824] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1129.245505] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1129.247172] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1129.248850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1129.250533] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1129.252249] CPU: 1 PID: 10871 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1129.253788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1129.255594] Call Trace:
[ 1129.256228]  dump_stack+0x107/0x167
[ 1129.257019]  should_fail.cold+0x5/0xa
[ 1129.257861]  ? create_object.isra.0+0x3a/0xa30
[ 1129.258855]  should_failslab+0x5/0x20
[ 1129.259667]  kmem_cache_alloc+0x5b/0x310
[ 1129.260557]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1129.261694]  create_object.isra.0+0x3a/0xa30
[ 1129.262650]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1129.263752]  kmem_cache_alloc_trace+0x151/0x320
[ 1129.264756]  ? v9fs_write_inode+0x60/0x60
[ 1129.265665]  v9fs_mount+0x5a/0x8f0
[ 1129.266434]  ? v9fs_write_inode+0x60/0x60
[ 1129.267324]  legacy_get_tree+0x105/0x220
[ 1129.268203]  vfs_get_tree+0x8e/0x300
[ 1129.269018]  path_mount+0x1490/0x21e0
[ 1129.269863]  ? strncpy_from_user+0x9e/0x470
[ 1129.270782]  ? finish_automount+0xa90/0xa90
[ 1129.271728]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1129.272757]  ? _copy_from_user+0xfb/0x1b0
[ 1129.273684]  __x64_sys_mount+0x282/0x300
[ 1129.274561]  ? copy_mnt_ns+0xa00/0xa00
[ 1129.275404]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1129.276534]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1129.277664]  do_syscall_64+0x33/0x40
[ 1129.278465]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1129.279562] RIP: 0033:0x7f2fae613b19
[ 1129.280368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1129.284344] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1129.286008] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1129.287539] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1129.289077] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1129.290620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1129.292165] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1129.314996] 9pnet: Insufficient options for proto=fd
20:37:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0xfffffffffffff000}, 0x0)

20:37:15 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:15 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:16 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:16 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:37:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x2}, 0x0)

20:37:16 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:16 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 16)

20:37:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x8}, 0x0)

20:37:16 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 16)

20:37:16 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1129.765358] FAULT_INJECTION: forcing a failure.
[ 1129.765358] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.767581] CPU: 0 PID: 11443 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1129.768897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1129.770479] Call Trace:
[ 1129.770986]  dump_stack+0x107/0x167
[ 1129.771677]  should_fail.cold+0x5/0xa
[ 1129.772400]  should_failslab+0x5/0x20
[ 1129.773120]  __kmalloc_track_caller+0x79/0x370
[ 1129.773992]  ? v9fs_session_init+0xa7/0x1680
[ 1129.774822]  ? kernel_text_address+0xf2/0x120
[ 1129.775666]  kstrdup+0x36/0x70
[ 1129.776273]  v9fs_session_init+0xa7/0x1680
[ 1129.777071]  ? lock_release+0x680/0x680
[ 1129.777827]  ? find_held_lock+0x2c/0x110
[ 1129.778603]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1129.779518]  ? v9fs_show_options+0x690/0x690
[ 1129.780353]  ? trace_hardirqs_on+0x5b/0x180
[ 1129.781173]  ? kasan_unpoison_shadow+0x33/0x50
[ 1129.782050]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1129.783024]  v9fs_mount+0x79/0x8f0
[ 1129.783705]  ? v9fs_write_inode+0x60/0x60
[ 1129.784489]  legacy_get_tree+0x105/0x220
[ 1129.785262]  vfs_get_tree+0x8e/0x300
[ 1129.785978]  path_mount+0x1490/0x21e0
[ 1129.786708]  ? strncpy_from_user+0x9e/0x470
[ 1129.787528]  ? finish_automount+0xa90/0xa90
[ 1129.788352]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1129.789234]  ? _copy_from_user+0xfb/0x1b0
[ 1129.790045]  __x64_sys_mount+0x282/0x300
[ 1129.790816]  ? copy_mnt_ns+0xa00/0xa00
[ 1129.791564]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1129.792563]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1129.793567]  do_syscall_64+0x33/0x40
[ 1129.794284]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1129.795267] RIP: 0033:0x7f2fae613b19
[ 1129.795979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1129.799533] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1129.800999] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1129.802379] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1129.803754] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1129.805131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1129.806514] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
[ 1129.811899] FAULT_INJECTION: forcing a failure.
[ 1129.811899] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.814241] CPU: 0 PID: 11456 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1129.815584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1129.817205] Call Trace:
[ 1129.817736]  dump_stack+0x107/0x167
[ 1129.818459]  should_fail.cold+0x5/0xa
[ 1129.819212]  should_failslab+0x5/0x20
[ 1129.819958]  __kmalloc_track_caller+0x79/0x370
[ 1129.820852]  ? v9fs_session_init+0xa7/0x1680
[ 1129.821720]  ? kernel_text_address+0xf2/0x120
[ 1129.822609]  kstrdup+0x36/0x70
[ 1129.823246]  v9fs_session_init+0xa7/0x1680
[ 1129.824094]  ? lock_release+0x680/0x680
[ 1129.824870]  ? find_held_lock+0x2c/0x110
[ 1129.825677]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1129.826622]  ? v9fs_show_options+0x690/0x690
[ 1129.827483]  ? trace_hardirqs_on+0x5b/0x180
[ 1129.828324]  ? kasan_unpoison_shadow+0x33/0x50
[ 1129.829216]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1129.830219]  v9fs_mount+0x79/0x8f0
[ 1129.830917]  ? v9fs_write_inode+0x60/0x60
[ 1129.831726]  legacy_get_tree+0x105/0x220
[ 1129.832520]  vfs_get_tree+0x8e/0x300
[ 1129.833243]  path_mount+0x1490/0x21e0
[ 1129.834000]  ? strncpy_from_user+0x9e/0x470
[ 1129.834842]  ? finish_automount+0xa90/0xa90
[ 1129.835678]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1129.836590]  ? _copy_from_user+0xfb/0x1b0
[ 1129.837409]  __x64_sys_mount+0x282/0x300
[ 1129.838209]  ? copy_mnt_ns+0xa00/0xa00
[ 1129.838990]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1129.840024]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1129.841049]  do_syscall_64+0x33/0x40
[ 1129.841796]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1129.842812] RIP: 0033:0x7faeaa885b19
[ 1129.843544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1129.847215] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1129.848737] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1129.850187] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1129.851595] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1129.853001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1129.854432] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1144.679868] FAULT_INJECTION: forcing a failure.
[ 1144.679868] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.682399] CPU: 0 PID: 11635 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1144.683884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1144.685673] Call Trace:
[ 1144.686242]  dump_stack+0x107/0x167
[ 1144.687022]  should_fail.cold+0x5/0xa
[ 1144.687839]  ? create_object.isra.0+0x3a/0xa30
[ 1144.688808]  should_failslab+0x5/0x20
[ 1144.689624]  kmem_cache_alloc+0x5b/0x310
[ 1144.690493]  create_object.isra.0+0x3a/0xa30
[ 1144.691431]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1144.692549]  __kmalloc_track_caller+0x177/0x370
[ 1144.693553]  ? v9fs_session_init+0xa7/0x1680
[ 1144.694488]  ? kernel_text_address+0xf2/0x120
[ 1144.695446]  kstrdup+0x36/0x70
[ 1144.696132]  v9fs_session_init+0xa7/0x1680
[ 1144.697035]  ? lock_release+0x680/0x680
[ 1144.697892]  ? find_held_lock+0x2c/0x110
[ 1144.698771]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1144.699805]  ? v9fs_show_options+0x690/0x690
[ 1144.700762]  ? trace_hardirqs_on+0x5b/0x180
[ 1144.701687]  ? kasan_unpoison_shadow+0x33/0x50
[ 1144.702665]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1144.703748]  v9fs_mount+0x79/0x8f0
[ 1144.704514]  ? v9fs_write_inode+0x60/0x60
[ 1144.705394]  legacy_get_tree+0x105/0x220
[ 1144.706276]  vfs_get_tree+0x8e/0x300
[ 1144.707068]  path_mount+0x1490/0x21e0
[ 1144.707899]  ? strncpy_from_user+0x9e/0x470
[ 1144.708102] FAULT_INJECTION: forcing a failure.
[ 1144.708102] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.708828]  ? finish_automount+0xa90/0xa90
[ 1144.708847]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1144.708865]  ? _copy_from_user+0xfb/0x1b0
[ 1144.708892]  __x64_sys_mount+0x282/0x300
[ 1144.714834]  ? copy_mnt_ns+0xa00/0xa00
[ 1144.715671]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1144.716794]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1144.717910]  do_syscall_64+0x33/0x40
[ 1144.718709]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1144.719808] RIP: 0033:0x7faeaa885b19
[ 1144.720607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1144.724561] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1144.726202] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1144.727737] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1144.729263] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1144.730805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1144.732328] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1144.733883] CPU: 1 PID: 11646 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1144.735343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1144.737077] Call Trace:
[ 1144.737657]  dump_stack+0x107/0x167
20:37:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 17)

20:37:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf}, 0x0)

20:37:31 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:37:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 17)

[ 1144.738719]  should_fail.cold+0x5/0xa
[ 1144.739758]  ? create_object.isra.0+0x3a/0xa30
[ 1144.740723]  should_failslab+0x5/0x20
[ 1144.741542]  kmem_cache_alloc+0x5b/0x310
[ 1144.742404]  create_object.isra.0+0x3a/0xa30
[ 1144.743325]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1144.744403]  __kmalloc_track_caller+0x177/0x370
[ 1144.745375]  ? v9fs_session_init+0xa7/0x1680
[ 1144.746310]  ? kernel_text_address+0xf2/0x120
[ 1144.747253]  kstrdup+0x36/0x70
[ 1144.747931]  v9fs_session_init+0xa7/0x1680
[ 1144.748821]  ? lock_release+0x680/0x680
[ 1144.749661]  ? find_held_lock+0x2c/0x110
[ 1144.750524]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1144.751537]  ? v9fs_show_options+0x690/0x690
[ 1144.752469]  ? trace_hardirqs_on+0x5b/0x180
[ 1144.753373]  ? kasan_unpoison_shadow+0x33/0x50
[ 1144.754347]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1144.755418]  v9fs_mount+0x79/0x8f0
[ 1144.756163]  ? v9fs_write_inode+0x60/0x60
[ 1144.757038]  legacy_get_tree+0x105/0x220
[ 1144.757899]  vfs_get_tree+0x8e/0x300
[ 1144.758682]  path_mount+0x1490/0x21e0
20:37:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1144.759488]  ? strncpy_from_user+0x9e/0x470
[ 1144.760530]  ? finish_automount+0xa90/0xa90
[ 1144.761436]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1144.762423]  ? _copy_from_user+0xfb/0x1b0
[ 1144.763308]  __x64_sys_mount+0x282/0x300
[ 1144.764166]  ? copy_mnt_ns+0xa00/0xa00
[ 1144.764995]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1144.766109]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1144.767199]  do_syscall_64+0x33/0x40
[ 1144.767998]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1144.769085] RIP: 0033:0x7f2fae613b19
[ 1144.769878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1144.773773] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1144.775385] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1144.776901] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1144.778419] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1144.779932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1144.781439] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:37:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x74}, 0x0)

20:37:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf0}, 0x0)

20:37:31 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0x0, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:37:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf00}, 0x0)

[ 1145.059057] 9pnet: Insufficient options for proto=fd
20:37:31 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 18)

20:37:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x7400}, 0x0)

20:37:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x48, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1145.215395] FAULT_INJECTION: forcing a failure.
[ 1145.215395] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.217853] CPU: 1 PID: 12299 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1145.219322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1145.221088] Call Trace:
[ 1145.221659]  dump_stack+0x107/0x167
[ 1145.222432]  should_fail.cold+0x5/0xa
[ 1145.223242]  should_failslab+0x5/0x20
[ 1145.224052]  __kmalloc_track_caller+0x79/0x370
[ 1145.225023]  ? v9fs_session_init+0xe9/0x1680
[ 1145.225964]  ? kernel_text_address+0xf2/0x120
[ 1145.226921]  kstrdup+0x36/0x70
[ 1145.227603]  v9fs_session_init+0xe9/0x1680
[ 1145.228502]  ? lock_release+0x680/0x680
[ 1145.229341]  ? find_held_lock+0x2c/0x110
[ 1145.230216]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1145.231234]  ? v9fs_show_options+0x690/0x690
[ 1145.232174]  ? trace_hardirqs_on+0x5b/0x180
[ 1145.233085]  ? kasan_unpoison_shadow+0x33/0x50
[ 1145.234067]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1145.235144]  v9fs_mount+0x79/0x8f0
[ 1145.235899]  ? v9fs_write_inode+0x60/0x60
[ 1145.236773]  legacy_get_tree+0x105/0x220
[ 1145.237639]  vfs_get_tree+0x8e/0x300
[ 1145.238420]  path_mount+0x1490/0x21e0
[ 1145.239226]  ? strncpy_from_user+0x9e/0x470
[ 1145.240139]  ? finish_automount+0xa90/0xa90
[ 1145.241052]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1145.242045]  ? _copy_from_user+0xfb/0x1b0
[ 1145.242926]  __x64_sys_mount+0x282/0x300
[ 1145.243788]  ? copy_mnt_ns+0xa00/0xa00
[ 1145.244611]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1145.245725]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1145.246813]  do_syscall_64+0x33/0x40
[ 1145.247599]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1145.248677] RIP: 0033:0x7faeaa885b19
[ 1145.249462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1145.253353] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1145.254976] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1145.256490] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1145.258005] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1145.259513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1145.261027] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:45 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 18)

20:37:45 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x48, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1158.683574] FAULT_INJECTION: forcing a failure.
[ 1158.683574] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.685001] CPU: 1 PID: 12523 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1158.685837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.686842] Call Trace:
[ 1158.687163]  dump_stack+0x107/0x167
[ 1158.687608]  should_fail.cold+0x5/0xa
[ 1158.688067]  ? create_object.isra.0+0x3a/0xa30
[ 1158.688620]  should_failslab+0x5/0x20
[ 1158.689077]  kmem_cache_alloc+0x5b/0x310
[ 1158.689570]  create_object.isra.0+0x3a/0xa30
[ 1158.690103]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1158.690720]  __kmalloc_track_caller+0x177/0x370
[ 1158.691279]  ? v9fs_session_init+0xe9/0x1680
[ 1158.691812]  kstrdup+0x36/0x70
[ 1158.692205]  v9fs_session_init+0xe9/0x1680
[ 1158.692720]  ? lock_release+0x680/0x680
[ 1158.693202]  ? find_held_lock+0x2c/0x110
[ 1158.693700]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1158.694280]  ? v9fs_show_options+0x690/0x690
[ 1158.694820]  ? trace_hardirqs_on+0x5b/0x180
[ 1158.695340]  ? kasan_unpoison_shadow+0x33/0x50
[ 1158.695896]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1158.696512]  v9fs_mount+0x79/0x8f0
[ 1158.696941]  ? v9fs_write_inode+0x60/0x60
[ 1158.697441]  legacy_get_tree+0x105/0x220
[ 1158.697942]  vfs_get_tree+0x8e/0x300
[ 1158.698396]  path_mount+0x1490/0x21e0
[ 1158.698860]  ? strncpy_from_user+0x9e/0x470
[ 1158.699384]  ? finish_automount+0xa90/0xa90
[ 1158.699907]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1158.700468]  ? _copy_from_user+0xfb/0x1b0
[ 1158.700975]  __x64_sys_mount+0x282/0x300
[ 1158.701462]  ? copy_mnt_ns+0xa00/0xa00
[ 1158.701940]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1158.702569]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1158.703185]  do_syscall_64+0x33/0x40
[ 1158.703632]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1158.704247] RIP: 0033:0x7faeaa885b19
[ 1158.704694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.706937] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1158.707851] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1158.708708] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1158.709568] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1158.710429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1158.711281] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:45 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf000}, 0x0)

20:37:45 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:45 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0x0, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:37:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:45 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 19)

[ 1158.738413] FAULT_INJECTION: forcing a failure.
[ 1158.738413] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.740909] CPU: 0 PID: 12586 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1158.742355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.744067] Call Trace:
[ 1158.744618]  dump_stack+0x107/0x167
[ 1158.745375]  should_fail.cold+0x5/0xa
[ 1158.746173]  should_failslab+0x5/0x20
[ 1158.746963]  __kmalloc_track_caller+0x79/0x370
[ 1158.747915]  ? v9fs_session_init+0xe9/0x1680
[ 1158.748826]  ? kernel_text_address+0xf2/0x120
[ 1158.749770]  kstrdup+0x36/0x70
[ 1158.750438]  v9fs_session_init+0xe9/0x1680
[ 1158.751317]  ? lock_release+0x680/0x680
[ 1158.752142]  ? find_held_lock+0x2c/0x110
[ 1158.752993]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1158.754001]  ? v9fs_show_options+0x690/0x690
[ 1158.754922]  ? trace_hardirqs_on+0x5b/0x180
[ 1158.755818]  ? kasan_unpoison_shadow+0x33/0x50
[ 1158.756759]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1158.757822]  v9fs_mount+0x79/0x8f0
[ 1158.758561]  ? v9fs_write_inode+0x60/0x60
[ 1158.759414]  legacy_get_tree+0x105/0x220
[ 1158.760252]  vfs_get_tree+0x8e/0x300
[ 1158.761018]  path_mount+0x1490/0x21e0
[ 1158.761809]  ? strncpy_from_user+0x9e/0x470
[ 1158.762697]  ? finish_automount+0xa90/0xa90
[ 1158.763587]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1158.764545]  ? _copy_from_user+0xfb/0x1b0
[ 1158.765401]  __x64_sys_mount+0x282/0x300
[ 1158.766260]  ? copy_mnt_ns+0xa00/0xa00
[ 1158.767102]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1158.768231]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1158.769340]  do_syscall_64+0x33/0x40
[ 1158.770146]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1158.771245] RIP: 0033:0x7f2fae613b19
[ 1158.772041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.776009] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1158.777668] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1158.779208] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1158.780732] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1158.782269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1158.783789] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:37:45 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:45 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 20)

20:37:45 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x80000}, 0x0)

[ 1158.882407] FAULT_INJECTION: forcing a failure.
[ 1158.882407] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.883707] CPU: 1 PID: 12900 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1158.884463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1158.885377] Call Trace:
[ 1158.885689]  dump_stack+0x107/0x167
[ 1158.886098]  should_fail.cold+0x5/0xa
[ 1158.886525]  ? p9_client_create+0xaf/0x1230
[ 1158.887008]  should_failslab+0x5/0x20
[ 1158.887436]  kmem_cache_alloc_trace+0x55/0x320
[ 1158.887952]  ? find_held_lock+0x2c/0x110
[ 1158.888413]  p9_client_create+0xaf/0x1230
[ 1158.888877]  ? lock_downgrade+0x6d0/0x6d0
[ 1158.889335]  ? p9_client_flush+0x430/0x430
[ 1158.889822]  ? trace_hardirqs_on+0x5b/0x180
[ 1158.890304]  ? lockdep_init_map_type+0x2c7/0x780
[ 1158.890839]  ? __raw_spin_lock_init+0x36/0x110
[ 1158.891351]  v9fs_session_init+0x1dd/0x1680
[ 1158.891839]  ? lock_release+0x680/0x680
[ 1158.892287]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1158.892827]  ? v9fs_show_options+0x690/0x690
[ 1158.893326]  ? trace_hardirqs_on+0x5b/0x180
[ 1158.893811]  ? kasan_unpoison_shadow+0x33/0x50
[ 1158.894317]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1158.894877]  v9fs_mount+0x79/0x8f0
[ 1158.895273]  ? v9fs_write_inode+0x60/0x60
[ 1158.895737]  legacy_get_tree+0x105/0x220
[ 1158.896182]  vfs_get_tree+0x8e/0x300
[ 1158.896598]  path_mount+0x1490/0x21e0
[ 1158.897022]  ? strncpy_from_user+0x9e/0x470
[ 1158.897508]  ? finish_automount+0xa90/0xa90
[ 1158.897987]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1158.898496]  ? _copy_from_user+0xfb/0x1b0
[ 1158.898953]  __x64_sys_mount+0x282/0x300
[ 1158.899394]  ? copy_mnt_ns+0xa00/0xa00
[ 1158.899820]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1158.900389]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1158.900955]  do_syscall_64+0x33/0x40
[ 1158.901358]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1158.901925] RIP: 0033:0x7faeaa885b19
[ 1158.902336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1158.904342] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1158.905167] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1158.905952] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1158.906724] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1158.907497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1158.908270] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:45 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x68, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:45 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 21)

[ 1159.009925] FAULT_INJECTION: forcing a failure.
[ 1159.009925] name failslab, interval 1, probability 0, space 0, times 0
[ 1159.012420] CPU: 0 PID: 13157 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1159.013931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1159.015732] Call Trace:
[ 1159.016308]  dump_stack+0x107/0x167
[ 1159.017105]  should_fail.cold+0x5/0xa
[ 1159.017950]  ? create_object.isra.0+0x3a/0xa30
[ 1159.018938]  should_failslab+0x5/0x20
[ 1159.019763]  kmem_cache_alloc+0x5b/0x310
[ 1159.020649]  ? kernel_text_address+0xf2/0x120
[ 1159.021639]  create_object.isra.0+0x3a/0xa30
[ 1159.022601]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1159.023709]  kmem_cache_alloc_trace+0x151/0x320
[ 1159.024720]  ? find_held_lock+0x2c/0x110
[ 1159.025607]  p9_client_create+0xaf/0x1230
[ 1159.026513]  ? lock_downgrade+0x6d0/0x6d0
[ 1159.027415]  ? p9_client_flush+0x430/0x430
[ 1159.028333]  ? trace_hardirqs_on+0x5b/0x180
[ 1159.029267]  ? lockdep_init_map_type+0x2c7/0x780
[ 1159.030305]  ? __raw_spin_lock_init+0x36/0x110
[ 1159.031301]  v9fs_session_init+0x1dd/0x1680
[ 1159.032250]  ? lock_release+0x680/0x680
[ 1159.033119]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1159.034172]  ? v9fs_show_options+0x690/0x690
[ 1159.035144]  ? trace_hardirqs_on+0x5b/0x180
[ 1159.036082]  ? kasan_unpoison_shadow+0x33/0x50
[ 1159.037070]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1159.038179]  v9fs_mount+0x79/0x8f0
[ 1159.038964]  ? v9fs_write_inode+0x60/0x60
[ 1159.039859]  legacy_get_tree+0x105/0x220
[ 1159.040741]  vfs_get_tree+0x8e/0x300
[ 1159.041555]  path_mount+0x1490/0x21e0
[ 1159.042404]  ? strncpy_from_user+0x9e/0x470
[ 1159.043341]  ? finish_automount+0xa90/0xa90
[ 1159.044272]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1159.045280]  ? _copy_from_user+0xfb/0x1b0
[ 1159.046191]  __x64_sys_mount+0x282/0x300
[ 1159.047068]  ? copy_mnt_ns+0xa00/0xa00
[ 1159.047914]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1159.049054]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1159.050185]  do_syscall_64+0x33/0x40
[ 1159.050990]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1159.052102] RIP: 0033:0x7faeaa885b19
[ 1159.052910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1159.056925] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1159.058589] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1159.060143] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1159.061705] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1159.063253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1159.064803] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:37:58 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 22)

20:37:58 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 19)

20:37:58 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x68, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:58 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf0ffff}, 0x0)

20:37:58 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:58 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0x0, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:37:58 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:58 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:37:58 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1172.031997] FAULT_INJECTION: forcing a failure.
[ 1172.031997] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.034492] CPU: 0 PID: 13193 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1172.035985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1172.037753] Call Trace:
[ 1172.038348]  dump_stack+0x107/0x167
[ 1172.039125]  should_fail.cold+0x5/0xa
[ 1172.039938]  should_failslab+0x5/0x20
[ 1172.040747]  __kmalloc_track_caller+0x79/0x370
[ 1172.041724]  ? p9_client_create+0x41d/0x1230
[ 1172.042675]  kstrdup+0x36/0x70
[ 1172.043364]  p9_client_create+0x41d/0x1230
[ 1172.044266]  ? lock_downgrade+0x6d0/0x6d0
[ 1172.045165]  ? p9_client_flush+0x430/0x430
[ 1172.046091]  ? trace_hardirqs_on+0x5b/0x180
[ 1172.047020]  ? lockdep_init_map_type+0x2c7/0x780
[ 1172.048043]  ? __raw_spin_lock_init+0x36/0x110
[ 1172.049029]  v9fs_session_init+0x1dd/0x1680
[ 1172.049962]  ? lock_release+0x680/0x680
[ 1172.050821]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1172.051848]  ? v9fs_show_options+0x690/0x690
[ 1172.052799]  ? trace_hardirqs_on+0x5b/0x180
[ 1172.053723]  ? kasan_unpoison_shadow+0x33/0x50
[ 1172.054717]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1172.055812]  v9fs_mount+0x79/0x8f0
[ 1172.056576]  ? v9fs_write_inode+0x60/0x60
[ 1172.057470]  legacy_get_tree+0x105/0x220
[ 1172.058354]  vfs_get_tree+0x8e/0x300
[ 1172.059146]  path_mount+0x1490/0x21e0
[ 1172.059963]  ? strncpy_from_user+0x9e/0x470
[ 1172.060880]  ? finish_automount+0xa90/0xa90
[ 1172.061800]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1172.062810]  ? _copy_from_user+0xfb/0x1b0
[ 1172.063704]  __x64_sys_mount+0x282/0x300
[ 1172.064585]  ? copy_mnt_ns+0xa00/0xa00
[ 1172.065421]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1172.066565]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1172.067688]  do_syscall_64+0x33/0x40
[ 1172.068492]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1172.069602] RIP: 0033:0x7faeaa885b19
[ 1172.070418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1172.074421] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1172.076090] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1172.077641] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1172.079209] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1172.080772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1172.082335] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1172.104276] FAULT_INJECTION: forcing a failure.
[ 1172.104276] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.106932] CPU: 0 PID: 13357 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1172.108452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1172.110274] Call Trace:
[ 1172.110853]  dump_stack+0x107/0x167
20:37:58 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x30ff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1172.111654]  should_fail.cold+0x5/0xa
[ 1172.112628]  ? create_object.isra.0+0x3a/0xa30
[ 1172.113630]  should_failslab+0x5/0x20
[ 1172.114475]  kmem_cache_alloc+0x5b/0x310
[ 1172.115368]  create_object.isra.0+0x3a/0xa30
[ 1172.116328]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1172.117444]  __kmalloc_track_caller+0x177/0x370
[ 1172.118478]  ? v9fs_session_init+0xe9/0x1680
[ 1172.119446]  ? kernel_text_address+0xf2/0x120
[ 1172.120425]  kstrdup+0x36/0x70
[ 1172.121125]  v9fs_session_init+0xe9/0x1680
[ 1172.122059]  ? lock_release+0x680/0x680
[ 1172.122923]  ? find_held_lock+0x2c/0x110
[ 1172.123814]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1172.124862]  ? v9fs_show_options+0x690/0x690
[ 1172.125840]  ? trace_hardirqs_on+0x5b/0x180
[ 1172.126789]  ? kasan_unpoison_shadow+0x33/0x50
[ 1172.127778]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1172.128883]  v9fs_mount+0x79/0x8f0
[ 1172.129658]  ? v9fs_write_inode+0x60/0x60
[ 1172.130567]  legacy_get_tree+0x105/0x220
[ 1172.131460]  vfs_get_tree+0x8e/0x300
[ 1172.132273]  path_mount+0x1490/0x21e0
[ 1172.133106]  ? strncpy_from_user+0x9e/0x470
[ 1172.134054]  ? finish_automount+0xa90/0xa90
[ 1172.134993]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1172.136011]  ? _copy_from_user+0xfb/0x1b0
[ 1172.136926]  __x64_sys_mount+0x282/0x300
[ 1172.137819]  ? copy_mnt_ns+0xa00/0xa00
[ 1172.138664]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1172.139806]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1172.140927]  do_syscall_64+0x33/0x40
[ 1172.141733]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1172.142852] RIP: 0033:0x7f2fae613b19
[ 1172.143656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1172.147649] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1172.149303] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1172.150864] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1172.152420] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1172.153986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1172.155536] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:37:58 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:37:58 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1172.193451] 9pnet: Insufficient options for proto=fd
20:37:58 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x1000000}, 0x0)

20:38:12 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 20)

20:38:12 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1185.949762] FAULT_INJECTION: forcing a failure.
[ 1185.949762] name failslab, interval 1, probability 0, space 0, times 0
[ 1185.952327] CPU: 1 PID: 13747 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1185.953793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1185.955577] Call Trace:
[ 1185.956140]  dump_stack+0x107/0x167
[ 1185.956914]  should_fail.cold+0x5/0xa
[ 1185.957735]  ? create_object.isra.0+0x3a/0xa30
[ 1185.958720]  should_failslab+0x5/0x20
[ 1185.959532]  kmem_cache_alloc+0x5b/0x310
[ 1185.960398]  ? lock_downgrade+0x6d0/0x6d0
[ 1185.961283]  create_object.isra.0+0x3a/0xa30
[ 1185.962232]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1185.963316]  __kmalloc_track_caller+0x177/0x370
[ 1185.964305]  ? p9_client_create+0x41d/0x1230
[ 1185.965249]  kstrdup+0x36/0x70
[ 1185.965936]  p9_client_create+0x41d/0x1230
[ 1185.966851]  ? lock_downgrade+0x6d0/0x6d0
[ 1185.967745]  ? p9_client_flush+0x430/0x430
[ 1185.968659]  ? trace_hardirqs_on+0x5b/0x180
[ 1185.969584]  ? lockdep_init_map_type+0x2c7/0x780
[ 1185.970639]  ? __raw_spin_lock_init+0x36/0x110
[ 1185.971610]  v9fs_session_init+0x1dd/0x1680
[ 1185.972526]  ? lock_release+0x680/0x680
[ 1185.973374]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1185.974409]  ? v9fs_show_options+0x690/0x690
[ 1185.975350]  ? trace_hardirqs_on+0x5b/0x180
[ 1185.976269]  ? kasan_unpoison_shadow+0x33/0x50
[ 1185.977249]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1185.978324]  v9fs_mount+0x79/0x8f0
[ 1185.979078]  ? v9fs_write_inode+0x60/0x60
[ 1185.979947]  legacy_get_tree+0x105/0x220
[ 1185.980821]  vfs_get_tree+0x8e/0x300
[ 1185.981604]  path_mount+0x1490/0x21e0
[ 1185.982434]  ? strncpy_from_user+0x9e/0x470
[ 1185.983338]  ? finish_automount+0xa90/0xa90
[ 1185.984253]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1185.985236]  ? _copy_from_user+0xfb/0x1b0
[ 1185.986128]  __x64_sys_mount+0x282/0x300
[ 1185.986985]  ? copy_mnt_ns+0xa00/0xa00
[ 1185.987815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1185.988923]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1185.990030]  do_syscall_64+0x33/0x40
[ 1185.990818]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1185.991903] RIP: 0033:0x7faeaa885b19
[ 1185.992691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1185.996619] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1185.998235] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
20:38:12 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x2000000}, 0x0)

20:38:12 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x0, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:38:12 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 23)

20:38:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1185.999969] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1186.001249] FAULT_INJECTION: forcing a failure.
[ 1186.001249] name failslab, interval 1, probability 0, space 0, times 0
[ 1186.001658] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1186.001669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1186.001679] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1186.005614] CPU: 0 PID: 13740 Comm: syz-executor.1 Not tainted 5.10.245 #1
[ 1186.006420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1186.007389] Call Trace:
[ 1186.007705]  dump_stack+0x107/0x167
[ 1186.008137]  should_fail.cold+0x5/0xa
[ 1186.008585]  ? p9_client_create+0xaf/0x1230
[ 1186.009086]  should_failslab+0x5/0x20
[ 1186.009532]  kmem_cache_alloc_trace+0x55/0x320
[ 1186.010073]  ? find_held_lock+0x2c/0x110
[ 1186.010551]  p9_client_create+0xaf/0x1230
[ 1186.011035]  ? lock_downgrade+0x6d0/0x6d0
[ 1186.011528]  ? p9_client_flush+0x430/0x430
[ 1186.012024]  ? trace_hardirqs_on+0x5b/0x180
[ 1186.012528]  ? lockdep_init_map_type+0x2c7/0x780
[ 1186.013083]  ? __raw_spin_lock_init+0x36/0x110
[ 1186.013627]  v9fs_session_init+0x1dd/0x1680
[ 1186.014140]  ? lock_release+0x680/0x680
[ 1186.014609]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1186.015170]  ? v9fs_show_options+0x690/0x690
[ 1186.015693]  ? trace_hardirqs_on+0x5b/0x180
[ 1186.016199]  ? kasan_unpoison_shadow+0x33/0x50
[ 1186.016732]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1186.017327]  v9fs_mount+0x79/0x8f0
[ 1186.017745]  ? v9fs_write_inode+0x60/0x60
[ 1186.018235]  legacy_get_tree+0x105/0x220
[ 1186.018716]  vfs_get_tree+0x8e/0x300
[ 1186.019152]  path_mount+0x1490/0x21e0
[ 1186.019603]  ? strncpy_from_user+0x9e/0x470
[ 1186.020106]  ? finish_automount+0xa90/0xa90
[ 1186.020611]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1186.021152]  ? _copy_from_user+0xfb/0x1b0
[ 1186.021645]  __x64_sys_mount+0x282/0x300
[ 1186.022131]  ? copy_mnt_ns+0xa00/0xa00
[ 1186.022588]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1186.023200]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1186.023804]  do_syscall_64+0x33/0x40
[ 1186.024237]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1186.024835] RIP: 0033:0x7f2fae613b19
[ 1186.025270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1186.027426] RSP: 002b:00007f2fabb89188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1186.028313] RAX: ffffffffffffffda RBX: 00007f2fae726f60 RCX: 00007f2fae613b19
[ 1186.029157] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1186.029996] RBP: 00007f2fabb891d0 R08: 0000000020000400 R09: 0000000000000000
[ 1186.030826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1186.031657] R13: 00007fff56eb534f R14: 00007f2fabb89300 R15: 0000000000022000
20:38:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf000000}, 0x0)

20:38:26 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x0, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:38:26 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6f, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 24)

20:38:26 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}}) (fail_nth: 21)

20:38:26 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:26 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x74000000}, 0x0)

[ 1199.714814] FAULT_INJECTION: forcing a failure.
[ 1199.714814] name failslab, interval 1, probability 0, space 0, times 0
[ 1199.717634] CPU: 0 PID: 14256 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1199.719313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1199.721314] Call Trace:
[ 1199.721959]  dump_stack+0x107/0x167
[ 1199.722849]  should_fail.cold+0x5/0xa
[ 1199.723775]  should_failslab+0x5/0x20
[ 1199.724678]  __kmalloc_track_caller+0x79/0x370
[ 1199.725759]  ? p9_client_create+0x51e/0x1230
[ 1199.726808]  kmemdup_nul+0x2d/0xa0
[ 1199.727637]  p9_client_create+0x51e/0x1230
[ 1199.728644]  ? p9_client_flush+0x430/0x430
[ 1199.729632]  ? trace_hardirqs_on+0x5b/0x180
[ 1199.730653]  ? lockdep_init_map_type+0x2c7/0x780
[ 1199.731791]  ? __raw_spin_lock_init+0x36/0x110
[ 1199.732877]  v9fs_session_init+0x1dd/0x1680
[ 1199.733896]  ? lock_release+0x680/0x680
[ 1199.734860]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1199.735991]  ? v9fs_show_options+0x690/0x690
[ 1199.737032]  ? trace_hardirqs_on+0x5b/0x180
[ 1199.738038]  ? kasan_unpoison_shadow+0x33/0x50
[ 1199.739119]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1199.740300]  v9fs_mount+0x79/0x8f0
[ 1199.741125]  ? v9fs_write_inode+0x60/0x60
[ 1199.742088]  legacy_get_tree+0x105/0x220
[ 1199.743052]  vfs_get_tree+0x8e/0x300
[ 1199.743926]  path_mount+0x1490/0x21e0
[ 1199.744825]  ? strncpy_from_user+0x9e/0x470
[ 1199.745836]  ? finish_automount+0xa90/0xa90
[ 1199.746847]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1199.747938]  ? _copy_from_user+0xfb/0x1b0
[ 1199.748916]  __x64_sys_mount+0x282/0x300
[ 1199.749873]  ? copy_mnt_ns+0xa00/0xa00
20:38:26 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1199.750801]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1199.752153]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1199.753348]  do_syscall_64+0x33/0x40
[ 1199.754223]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1199.755410] RIP: 0033:0x7faeaa885b19
[ 1199.756279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1199.760549] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1199.762315] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1199.763978] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1199.765621] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1199.767273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1199.768918] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:38:26 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x9effffff}, 0x0)

20:38:26 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:26 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x0, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:38:26 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf0ffffff}, 0x0)

20:38:26 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:26 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1199.960177] 9pnet: Insufficient options for proto=fd
[ 1212.976604] FAULT_INJECTION: forcing a failure.
[ 1212.976604] name failslab, interval 1, probability 0, space 0, times 0
[ 1212.979361] CPU: 0 PID: 15050 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1212.981014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1212.983003] Call Trace:
[ 1212.983631]  dump_stack+0x107/0x167
[ 1212.984498]  should_fail.cold+0x5/0xa
[ 1212.985405]  ? create_object.isra.0+0x3a/0xa30
[ 1212.986501]  should_failslab+0x5/0x20
[ 1212.987404]  kmem_cache_alloc+0x5b/0x310
[ 1212.988376]  create_object.isra.0+0x3a/0xa30
[ 1212.989419]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1212.990642]  __kmalloc_track_caller+0x177/0x370
[ 1212.991755]  ? p9_client_create+0x51e/0x1230
[ 1212.992809]  kmemdup_nul+0x2d/0xa0
[ 1212.993654]  p9_client_create+0x51e/0x1230
[ 1212.994682]  ? p9_client_flush+0x430/0x430
[ 1212.995691]  ? trace_hardirqs_on+0x5b/0x180
[ 1212.996724]  ? lockdep_init_map_type+0x2c7/0x780
[ 1212.997850]  ? __raw_spin_lock_init+0x36/0x110
[ 1212.998936]  v9fs_session_init+0x1dd/0x1680
[ 1212.999945]  ? lock_release+0x680/0x680
[ 1213.000884]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1213.002015]  ? v9fs_show_options+0x690/0x690
[ 1213.003054]  ? trace_hardirqs_on+0x5b/0x180
[ 1213.004069]  ? kasan_unpoison_shadow+0x33/0x50
[ 1213.005131]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1213.006334]  v9fs_mount+0x79/0x8f0
[ 1213.007400]  ? v9fs_write_inode+0x60/0x60
[ 1213.008368]  legacy_get_tree+0x105/0x220
[ 1213.009307]  vfs_get_tree+0x8e/0x300
[ 1213.010174]  path_mount+0x1490/0x21e0
[ 1213.011084]  ? strncpy_from_user+0x9e/0x470
[ 1213.012102]  ? finish_automount+0xa90/0xa90
[ 1213.013122]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1213.014226]  ? _copy_from_user+0xfb/0x1b0
[ 1213.015203]  __x64_sys_mount+0x282/0x300
[ 1213.016153]  ? copy_mnt_ns+0xa00/0xa00
[ 1213.017054]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1213.018287]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1213.019480]  do_syscall_64+0x33/0x40
[ 1213.020359]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1213.021552] RIP: 0033:0x7faeaa885b19
[ 1213.022433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1213.026770] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1213.028556] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1213.030235] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1213.031922] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1213.033601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1213.035292] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:38:39 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:39 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:39 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:39 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xfffff000}, 0x0)

20:38:39 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:39 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:38:39 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 25)

20:38:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:39 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xffffff7f}, 0x0)

20:38:39 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:54 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 26)

20:38:54 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7400, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:54 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xffffff9e}, 0x0)

20:38:54 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1227.884897] FAULT_INJECTION: forcing a failure.
[ 1227.884897] name failslab, interval 1, probability 0, space 0, times 0
[ 1227.887407] CPU: 0 PID: 15635 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1227.888901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1227.890705] Call Trace:
[ 1227.891276]  dump_stack+0x107/0x167
[ 1227.892069]  should_fail.cold+0x5/0xa
[ 1227.892894]  should_failslab+0x5/0x20
[ 1227.893723]  __kmalloc_track_caller+0x79/0x370
[ 1227.894739]  ? match_number+0xaf/0x1d0
[ 1227.895583]  kmemdup_nul+0x2d/0xa0
[ 1227.896359]  match_number+0xaf/0x1d0
[ 1227.897158]  ? match_u64+0x190/0x190
[ 1227.897980]  ? p9_client_create+0x57c/0x1230
[ 1227.898943]  ? kfree+0xd7/0x340
[ 1227.899650]  ? do_raw_spin_unlock+0x4f/0x220
[ 1227.900606]  p9_client_create+0x667/0x1230
[ 1227.901545]  ? p9_client_flush+0x430/0x430
[ 1227.902472]  ? trace_hardirqs_on+0x5b/0x180
[ 1227.903415]  ? lockdep_init_map_type+0x2c7/0x780
[ 1227.904443]  ? __raw_spin_lock_init+0x36/0x110
[ 1227.905435]  v9fs_session_init+0x1dd/0x1680
[ 1227.906345]  ? lock_release+0x680/0x680
[ 1227.907233]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1227.908269]  ? v9fs_show_options+0x690/0x690
[ 1227.909209]  ? trace_hardirqs_on+0x5b/0x180
[ 1227.910153]  ? kasan_unpoison_shadow+0x33/0x50
[ 1227.911121]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1227.912212]  v9fs_mount+0x79/0x8f0
[ 1227.912972]  ? v9fs_write_inode+0x60/0x60
[ 1227.913854]  legacy_get_tree+0x105/0x220
[ 1227.914735]  vfs_get_tree+0x8e/0x300
[ 1227.915517]  path_mount+0x1490/0x21e0
[ 1227.916337]  ? strncpy_from_user+0x9e/0x470
[ 1227.917267]  ? finish_automount+0xa90/0xa90
[ 1227.918225]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1227.919216]  ? _copy_from_user+0xfb/0x1b0
[ 1227.920102]  __x64_sys_mount+0x282/0x300
[ 1227.920980]  ? copy_mnt_ns+0xa00/0xa00
[ 1227.921814]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1227.922961]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1227.924077]  do_syscall_64+0x33/0x40
[ 1227.924887]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1227.925999] RIP: 0033:0x7faeaa885b19
[ 1227.926805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1227.930795] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1227.932449] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1227.933996] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1227.935549] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1227.937105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1227.938655] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:38:54 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:54 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xfffffff0}, 0x0)

20:38:54 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x85a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:38:54 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x8000000000000}, 0x0)

20:38:54 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:38:54 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:38:54 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 27)

20:38:54 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1228.365146] FAULT_INJECTION: forcing a failure.
[ 1228.365146] name failslab, interval 1, probability 0, space 0, times 0
[ 1228.367636] CPU: 0 PID: 16479 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1228.369103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1228.370870] Call Trace:
[ 1228.371426]  dump_stack+0x107/0x167
[ 1228.372198]  should_fail.cold+0x5/0xa
[ 1228.372989]  ? create_object.isra.0+0x3a/0xa30
[ 1228.373950]  should_failslab+0x5/0x20
[ 1228.374784]  kmem_cache_alloc+0x5b/0x310
[ 1228.375671]  create_object.isra.0+0x3a/0xa30
[ 1228.376611]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1228.377690]  __kmalloc_track_caller+0x177/0x370
[ 1228.378693]  ? match_number+0xaf/0x1d0
[ 1228.379530]  kmemdup_nul+0x2d/0xa0
[ 1228.380296]  match_number+0xaf/0x1d0
[ 1228.381093]  ? match_u64+0x190/0x190
[ 1228.381888]  ? p9_client_create+0x57c/0x1230
[ 1228.382848]  ? kfree+0xd7/0x340
[ 1228.383558]  ? do_raw_spin_unlock+0x4f/0x220
[ 1228.384493]  p9_client_create+0x667/0x1230
[ 1228.385407]  ? p9_client_flush+0x430/0x430
[ 1228.386310]  ? trace_hardirqs_on+0x5b/0x180
[ 1228.387234]  ? lockdep_init_map_type+0x2c7/0x780
[ 1228.388242]  ? __raw_spin_lock_init+0x36/0x110
[ 1228.389214]  v9fs_session_init+0x1dd/0x1680
[ 1228.390133]  ? lock_release+0x680/0x680
[ 1228.391005]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1228.392037]  ? v9fs_show_options+0x690/0x690
[ 1228.392980]  ? trace_hardirqs_on+0x5b/0x180
[ 1228.393910]  ? kasan_unpoison_shadow+0x33/0x50
[ 1228.394902]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1228.395981]  v9fs_mount+0x79/0x8f0
[ 1228.396731]  ? v9fs_write_inode+0x60/0x60
[ 1228.397631]  legacy_get_tree+0x105/0x220
[ 1228.398500]  vfs_get_tree+0x8e/0x300
[ 1228.399294]  path_mount+0x1490/0x21e0
[ 1228.400152]  ? strncpy_from_user+0x9e/0x470
[ 1228.401080]  ? finish_automount+0xa90/0xa90
[ 1228.402006]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1228.403003]  ? _copy_from_user+0xfb/0x1b0
[ 1228.403889]  __x64_sys_mount+0x282/0x300
[ 1228.404749]  ? copy_mnt_ns+0xa00/0xa00
[ 1228.405581]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1228.406697]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1228.407793]  do_syscall_64+0x33/0x40
[ 1228.408580]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1228.409655] RIP: 0033:0x7faeaa885b19
[ 1228.410447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1228.414339] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1228.415958] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1228.417466] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1228.418996] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1228.420510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1228.422034] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:39:07 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 28)

20:39:07 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:07 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640), 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:07 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x86a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:07 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf0ffffffffffff}, 0x0)

20:39:07 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:07 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:07 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:07 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x100000000000000}, 0x0)

[ 1240.815356] FAULT_INJECTION: forcing a failure.
[ 1240.815356] name failslab, interval 1, probability 0, space 0, times 0
[ 1240.818322] CPU: 1 PID: 16620 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1240.820039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1240.822092] Call Trace:
[ 1240.822752]  dump_stack+0x107/0x167
[ 1240.823652]  should_fail.cold+0x5/0xa
[ 1240.824592]  should_failslab+0x5/0x20
[ 1240.825522]  __kmalloc_track_caller+0x79/0x370
[ 1240.826653]  ? p9_client_create+0x598/0x1230
[ 1240.827733]  ? kfree+0xd7/0x340
[ 1240.828544]  kmemdup_nul+0x2d/0xa0
[ 1240.829421]  p9_client_create+0x598/0x1230
[ 1240.830472]  ? p9_client_flush+0x430/0x430
[ 1240.831519]  ? trace_hardirqs_on+0x5b/0x180
[ 1240.832583]  ? lockdep_init_map_type+0x2c7/0x780
[ 1240.833745]  ? __raw_spin_lock_init+0x36/0x110
[ 1240.834892]  v9fs_session_init+0x1dd/0x1680
[ 1240.835969]  ? lock_release+0x680/0x680
[ 1240.836956]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1240.838136]  ? v9fs_show_options+0x690/0x690
[ 1240.839226]  ? trace_hardirqs_on+0x5b/0x180
[ 1240.840276]  ? kasan_unpoison_shadow+0x33/0x50
[ 1240.841385]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1240.842635]  v9fs_mount+0x79/0x8f0
[ 1240.843500]  ? v9fs_write_inode+0x60/0x60
[ 1240.844502]  legacy_get_tree+0x105/0x220
[ 1240.845489]  vfs_get_tree+0x8e/0x300
[ 1240.846398]  path_mount+0x1490/0x21e0
[ 1240.847340]  ? strncpy_from_user+0x9e/0x470
[ 1240.848395]  ? finish_automount+0xa90/0xa90
[ 1240.849446]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1240.850594]  ? _copy_from_user+0xfb/0x1b0
[ 1240.851618]  __x64_sys_mount+0x282/0x300
[ 1240.852626]  ? copy_mnt_ns+0xa00/0xa00
[ 1240.853579]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1240.854873]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1240.856143]  do_syscall_64+0x33/0x40
[ 1240.857059]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1240.858298] RIP: 0033:0x7faeaa885b19
[ 1240.859213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1240.863703] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1240.865559] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1240.867299] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1240.869042] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1240.870770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1240.872493] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:39:21 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 29)

20:39:21 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x48, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1255.253031] FAULT_INJECTION: forcing a failure.
[ 1255.253031] name failslab, interval 1, probability 0, space 0, times 0
[ 1255.255569] CPU: 1 PID: 17015 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1255.257073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1255.258878] Call Trace:
[ 1255.259454]  dump_stack+0x107/0x167
[ 1255.260248]  should_fail.cold+0x5/0xa
[ 1255.261078]  ? create_object.isra.0+0x3a/0xa30
[ 1255.262072]  should_failslab+0x5/0x20
[ 1255.262913]  kmem_cache_alloc+0x5b/0x310
[ 1255.263792]  ? kfree+0xd7/0x340
[ 1255.264520]  create_object.isra.0+0x3a/0xa30
[ 1255.265481]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1255.266599]  __kmalloc_track_caller+0x177/0x370
[ 1255.267628]  ? p9_client_create+0x598/0x1230
20:39:21 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x200000000000000}, 0x0)

20:39:21 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640), 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:21 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:21 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x87a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:21 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:21 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1255.268593]  kmemdup_nul+0x2d/0xa0
[ 1255.269689]  p9_client_create+0x598/0x1230
[ 1255.270627]  ? p9_client_flush+0x430/0x430
[ 1255.271562]  ? trace_hardirqs_on+0x5b/0x180
[ 1255.272510]  ? lockdep_init_map_type+0x2c7/0x780
[ 1255.273534]  ? __raw_spin_lock_init+0x36/0x110
[ 1255.274529]  v9fs_session_init+0x1dd/0x1680
[ 1255.275466]  ? lock_release+0x680/0x680
[ 1255.276327]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1255.277371]  ? v9fs_show_options+0x690/0x690
[ 1255.278318]  ? trace_hardirqs_on+0x5b/0x180
[ 1255.279254]  ? kasan_unpoison_shadow+0x33/0x50
[ 1255.280235]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1255.281330]  v9fs_mount+0x79/0x8f0
[ 1255.282096]  ? v9fs_write_inode+0x60/0x60
[ 1255.283001]  legacy_get_tree+0x105/0x220
[ 1255.283887]  vfs_get_tree+0x8e/0x300
[ 1255.284697]  path_mount+0x1490/0x21e0
[ 1255.285523]  ? strncpy_from_user+0x9e/0x470
[ 1255.286456]  ? finish_automount+0xa90/0xa90
[ 1255.287396]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1255.288413]  ? _copy_from_user+0xfb/0x1b0
[ 1255.289319]  __x64_sys_mount+0x282/0x300
[ 1255.290201]  ? copy_mnt_ns+0xa00/0xa00
20:39:21 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640), 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1255.291069]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1255.292323]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1255.293435]  do_syscall_64+0x33/0x40
[ 1255.294231]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1255.295339] RIP: 0033:0x7faeaa885b19
[ 1255.296126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1255.300068] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1255.301698] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1255.303210] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1255.304735] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1255.306249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1255.307781] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:39:21 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:21 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x88a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:21 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf00000000000000}, 0x0)

20:39:22 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x89a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:22 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:22 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 30)

20:39:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x7400000000000000}, 0x0)

20:39:22 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x9effffff00000000}, 0x0)

[ 1255.582045] FAULT_INJECTION: forcing a failure.
[ 1255.582045] name failslab, interval 1, probability 0, space 0, times 0
[ 1255.584687] CPU: 1 PID: 17634 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1255.586143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1255.587904] Call Trace:
[ 1255.588470]  dump_stack+0x107/0x167
[ 1255.589235]  should_fail.cold+0x5/0xa
[ 1255.590044]  should_failslab+0x5/0x20
[ 1255.590860]  __kmalloc_track_caller+0x79/0x370
[ 1255.591820]  ? parse_opts.part.0+0x8e/0x340
[ 1255.592734]  kstrdup+0x36/0x70
[ 1255.593409]  parse_opts.part.0+0x8e/0x340
[ 1255.594278]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1255.595242]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1255.596345]  ? quarantine_put+0x8b/0x1a0
[ 1255.597199]  ? trace_hardirqs_on+0x5b/0x180
[ 1255.598113]  ? kfree+0xd7/0x340
[ 1255.598819]  p9_fd_create+0x98/0x4a0
[ 1255.599607]  ? p9_conn_create+0x510/0x510
[ 1255.600486]  ? p9_client_create+0x798/0x1230
[ 1255.601405]  ? kfree+0xd7/0x340
[ 1255.602104]  p9_client_create+0x7ff/0x1230
[ 1255.603007]  ? p9_client_flush+0x430/0x430
[ 1255.603895]  ? trace_hardirqs_on+0x5b/0x180
[ 1255.604801]  ? lockdep_init_map_type+0x2c7/0x780
[ 1255.605786]  ? __raw_spin_lock_init+0x36/0x110
[ 1255.606722]  v9fs_session_init+0x1dd/0x1680
[ 1255.607644]  ? lock_release+0x680/0x680
[ 1255.608467]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1255.609457]  ? v9fs_show_options+0x690/0x690
[ 1255.610373]  ? trace_hardirqs_on+0x5b/0x180
[ 1255.611263]  ? kasan_unpoison_shadow+0x33/0x50
[ 1255.612215]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1255.613293]  v9fs_mount+0x79/0x8f0
20:39:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xf0ffffff00000000}, 0x0)

[ 1255.614045]  ? v9fs_write_inode+0x60/0x60
20:39:22 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5b, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1255.615045]  legacy_get_tree+0x105/0x220
[ 1255.615998]  vfs_get_tree+0x8e/0x300
[ 1255.616773]  path_mount+0x1490/0x21e0
[ 1255.617575]  ? strncpy_from_user+0x9e/0x470
[ 1255.618473]  ? finish_automount+0xa90/0xa90
[ 1255.619391]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1255.620364]  ? _copy_from_user+0xfb/0x1b0
[ 1255.621246]  __x64_sys_mount+0x282/0x300
[ 1255.622096]  ? copy_mnt_ns+0xa00/0xa00
[ 1255.622930]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1255.624032]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1255.625115]  do_syscall_64+0x33/0x40
[ 1255.625896]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1255.626978] RIP: 0033:0x7faeaa885b19
[ 1255.627764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1255.631644] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1255.633246] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1255.634772] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1255.636270] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1255.637766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1255.639290] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1255.642557] 9pnet: Insufficient options for proto=fd
20:39:22 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8aa3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xffffff7f00000000}, 0x0)

20:39:22 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:22 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8ba3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:22 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0xfffffffffffff000}, 0x0)

20:39:22 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:22 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8ca3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:36 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

20:39:36 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:36 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8da3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:36 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5d, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 31)

[ 1269.705051] FAULT_INJECTION: forcing a failure.
[ 1269.705051] name failslab, interval 1, probability 0, space 0, times 0
[ 1269.707564] CPU: 0 PID: 18345 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1269.709092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1269.710925] Call Trace:
[ 1269.711514]  dump_stack+0x107/0x167
[ 1269.712320]  should_fail.cold+0x5/0xa
[ 1269.713160]  ? create_object.isra.0+0x3a/0xa30
[ 1269.714171]  should_failslab+0x5/0x20
[ 1269.715023]  kmem_cache_alloc+0x5b/0x310
[ 1269.715912]  ? legacy_get_tree+0x105/0x220
[ 1269.716842]  ? vfs_get_tree+0x8e/0x300
[ 1269.717703]  create_object.isra.0+0x3a/0xa30
[ 1269.718663]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1269.719806]  __kmalloc_track_caller+0x177/0x370
[ 1269.720822]  ? parse_opts.part.0+0x8e/0x340
[ 1269.721776]  kstrdup+0x36/0x70
[ 1269.722485]  parse_opts.part.0+0x8e/0x340
[ 1269.723401]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1269.724392]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1269.725534]  ? quarantine_put+0x8b/0x1a0
[ 1269.726421]  ? trace_hardirqs_on+0x5b/0x180
[ 1269.727377]  ? kfree+0xd7/0x340
[ 1269.728106]  p9_fd_create+0x98/0x4a0
[ 1269.728919]  ? p9_conn_create+0x510/0x510
[ 1269.729826]  ? p9_client_create+0x798/0x1230
[ 1269.730788]  ? kfree+0xd7/0x340
[ 1269.731529]  p9_client_create+0x7ff/0x1230
[ 1269.732466]  ? p9_client_flush+0x430/0x430
[ 1269.733392]  ? trace_hardirqs_on+0x5b/0x180
[ 1269.734339]  ? lockdep_init_map_type+0x2c7/0x780
[ 1269.735392]  ? __raw_spin_lock_init+0x36/0x110
[ 1269.736400]  v9fs_session_init+0x1dd/0x1680
[ 1269.737347]  ? lock_release+0x680/0x680
[ 1269.738227]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1269.739289]  ? v9fs_show_options+0x690/0x690
[ 1269.740262]  ? trace_hardirqs_on+0x5b/0x180
[ 1269.741207]  ? kasan_unpoison_shadow+0x33/0x50
[ 1269.742205]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1269.743330]  v9fs_mount+0x79/0x8f0
[ 1269.744108]  ? v9fs_write_inode+0x60/0x60
[ 1269.745014]  legacy_get_tree+0x105/0x220
[ 1269.745904]  vfs_get_tree+0x8e/0x300
[ 1269.746720]  path_mount+0x1490/0x21e0
[ 1269.747569]  ? strncpy_from_user+0x9e/0x470
[ 1269.748514]  ? finish_automount+0xa90/0xa90
[ 1269.749459]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1269.750478]  ? _copy_from_user+0xfb/0x1b0
[ 1269.751401]  __x64_sys_mount+0x282/0x300
[ 1269.752289]  ? copy_mnt_ns+0xa00/0xa00
[ 1269.753146]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1269.754298]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1269.755440]  do_syscall_64+0x33/0x40
[ 1269.756257]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1269.757385] RIP: 0033:0x7faeaa885b19
[ 1269.758201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1269.762254] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1269.763930] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1269.765492] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1269.767060] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1269.768620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1269.770182] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:39:36 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x2}, 0x0)

20:39:36 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8ea3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:36 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:36 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x68, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:36 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x0)

20:39:50 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8fa3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:39:50 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:39:50 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:50 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf}, 0x0)

20:39:50 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:50 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:50 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:39:50 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 32)

[ 1284.168403] FAULT_INJECTION: forcing a failure.
[ 1284.168403] name failslab, interval 1, probability 0, space 0, times 0
[ 1284.171309] CPU: 0 PID: 19201 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1284.173015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1284.175052] Call Trace:
[ 1284.175804]  dump_stack+0x107/0x167
[ 1284.176701]  should_fail.cold+0x5/0xa
[ 1284.177640]  should_failslab+0x5/0x20
[ 1284.178586]  __kmalloc_track_caller+0x79/0x370
[ 1284.179716]  ? match_number+0xaf/0x1d0
[ 1284.180683]  kmemdup_nul+0x2d/0xa0
[ 1284.181561]  match_number+0xaf/0x1d0
[ 1284.182480]  ? match_u64+0x190/0x190
[ 1284.183413]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1284.184599]  ? memcpy+0x39/0x60
[ 1284.185410]  parse_opts.part.0+0x1f3/0x340
[ 1284.186443]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1284.187552]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1284.188821]  ? trace_hardirqs_on+0x5b/0x180
[ 1284.189870]  ? kfree+0xd7/0x340
[ 1284.190683]  p9_fd_create+0x98/0x4a0
[ 1284.191593]  ? p9_conn_create+0x510/0x510
[ 1284.192608]  ? p9_client_create+0x798/0x1230
[ 1284.193672]  ? kfree+0xd7/0x340
[ 1284.194491]  p9_client_create+0x7ff/0x1230
[ 1284.195537]  ? p9_client_flush+0x430/0x430
[ 1284.196565]  ? trace_hardirqs_on+0x5b/0x180
[ 1284.197615]  ? lockdep_init_map_type+0x2c7/0x780
[ 1284.198773]  ? __raw_spin_lock_init+0x36/0x110
[ 1284.199897]  v9fs_session_init+0x1dd/0x1680
[ 1284.200947]  ? lock_release+0x680/0x680
[ 1284.201922]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1284.203099]  ? v9fs_show_options+0x690/0x690
[ 1284.204179]  ? trace_hardirqs_on+0x5b/0x180
[ 1284.205228]  ? kasan_unpoison_shadow+0x33/0x50
[ 1284.206339]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1284.207581]  v9fs_mount+0x79/0x8f0
[ 1284.208432]  ? v9fs_write_inode+0x60/0x60
[ 1284.209427]  legacy_get_tree+0x105/0x220
[ 1284.210406]  vfs_get_tree+0x8e/0x300
[ 1284.211309]  path_mount+0x1490/0x21e0
[ 1284.212226]  ? strncpy_from_user+0x9e/0x470
[ 1284.213259]  ? finish_automount+0xa90/0xa90
[ 1284.214298]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1284.215423]  ? _copy_from_user+0xfb/0x1b0
[ 1284.216423]  __x64_sys_mount+0x282/0x300
[ 1284.217398]  ? copy_mnt_ns+0xa00/0xa00
[ 1284.218337]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1284.219605]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1284.220840]  do_syscall_64+0x33/0x40
[ 1284.221739]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1284.222975] RIP: 0033:0x7faeaa885b19
[ 1284.223872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1284.228278] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1284.230105] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1284.231800] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1284.233500] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1284.235199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1284.236890] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1284.415672] 9pnet: Insufficient options for proto=fd
20:40:06 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 33)

20:40:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x74}, 0x0)

[ 1300.052039] FAULT_INJECTION: forcing a failure.
[ 1300.052039] name failslab, interval 1, probability 0, space 0, times 0
[ 1300.054330] CPU: 0 PID: 19629 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1300.055708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1300.057364] Call Trace:
[ 1300.057881]  dump_stack+0x107/0x167
[ 1300.058590]  should_fail.cold+0x5/0xa
[ 1300.059359]  ? create_object.isra.0+0x3a/0xa30
[ 1300.060251]  should_failslab+0x5/0x20
[ 1300.061002]  kmem_cache_alloc+0x5b/0x310
[ 1300.061796]  create_object.isra.0+0x3a/0xa30
[ 1300.062647]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1300.063656]  __kmalloc_track_caller+0x177/0x370
[ 1300.064563]  ? match_number+0xaf/0x1d0
[ 1300.065325]  kmemdup_nul+0x2d/0xa0
[ 1300.066010]  match_number+0xaf/0x1d0
[ 1300.066729]  ? match_u64+0x190/0x190
[ 1300.067486]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1300.068421]  ? memcpy+0x39/0x60
[ 1300.069314]  parse_opts.part.0+0x1f3/0x340
[ 1300.070144]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1300.071018]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1300.072068]  ? trace_hardirqs_on+0x5b/0x180
[ 1300.072912]  ? kfree+0xd7/0x340
[ 1300.073563]  p9_fd_create+0x98/0x4a0
[ 1300.074283]  ? p9_conn_create+0x510/0x510
[ 1300.075094]  ? p9_client_create+0x798/0x1230
[ 1300.075965]  ? kfree+0xd7/0x340
[ 1300.076615]  p9_client_create+0x7ff/0x1230
[ 1300.077443]  ? p9_client_flush+0x430/0x430
[ 1300.078272]  ? trace_hardirqs_on+0x5b/0x180
[ 1300.079115]  ? lockdep_init_map_type+0x2c7/0x780
[ 1300.080075]  ? __raw_spin_lock_init+0x36/0x110
[ 1300.080968]  v9fs_session_init+0x1dd/0x1680
[ 1300.081812]  ? lock_release+0x680/0x680
[ 1300.082588]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1300.083573]  ? v9fs_show_options+0x690/0x690
[ 1300.084439]  ? trace_hardirqs_on+0x5b/0x180
[ 1300.085272]  ? kasan_unpoison_shadow+0x33/0x50
[ 1300.086155]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1300.087136]  v9fs_mount+0x79/0x8f0
[ 1300.087844]  ? v9fs_write_inode+0x60/0x60
[ 1300.088654]  legacy_get_tree+0x105/0x220
[ 1300.089438]  vfs_get_tree+0x8e/0x300
[ 1300.090157]  path_mount+0x1490/0x21e0
[ 1300.090901]  ? strncpy_from_user+0x9e/0x470
[ 1300.091753]  ? finish_automount+0xa90/0xa90
[ 1300.092597]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1300.093501]  ? _copy_from_user+0xfb/0x1b0
[ 1300.094314]  __x64_sys_mount+0x282/0x300
[ 1300.095099]  ? copy_mnt_ns+0xa00/0xa00
[ 1300.095887]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1300.096911]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1300.097924]  do_syscall_64+0x33/0x40
[ 1300.098647]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1300.099659] RIP: 0033:0x7faeaa885b19
[ 1300.100375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1300.103966] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1300.105445] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1300.106804] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1300.108198] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1300.109561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1300.110921] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:40:06 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x90a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:06 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:40:06 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x91a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf0}, 0x0)

20:40:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, 0x0, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:40:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x92a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:19 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 34)

20:40:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf00}, 0x0)

20:40:19 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x30ff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1313.089312] FAULT_INJECTION: forcing a failure.
[ 1313.089312] name failslab, interval 1, probability 0, space 0, times 0
[ 1313.091924] CPU: 1 PID: 20375 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1313.093462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1313.095300] Call Trace:
[ 1313.095902]  dump_stack+0x107/0x167
[ 1313.096713]  should_fail.cold+0x5/0xa
[ 1313.097563]  should_failslab+0x5/0x20
[ 1313.098409]  __kmalloc_track_caller+0x79/0x370
[ 1313.099431]  ? match_number+0xaf/0x1d0
[ 1313.100294]  ? kfree+0xd7/0x340
[ 1313.101028]  kmemdup_nul+0x2d/0xa0
[ 1313.101816]  match_number+0xaf/0x1d0
[ 1313.102643]  ? match_u64+0x190/0x190
[ 1313.103477]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1313.104545]  ? memcpy+0x39/0x60
[ 1313.105282]  parse_opts.part.0+0x1f3/0x340
[ 1313.106225]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1313.107226]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1313.108403]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.109365]  ? kfree+0xd7/0x340
[ 1313.110110]  p9_fd_create+0x98/0x4a0
[ 1313.110939]  ? p9_conn_create+0x510/0x510
[ 1313.111876]  ? p9_client_create+0x798/0x1230
[ 1313.112854]  ? kfree+0xd7/0x340
[ 1313.113600]  p9_client_create+0x7ff/0x1230
[ 1313.114552]  ? p9_client_flush+0x430/0x430
[ 1313.115502]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.116463]  ? lockdep_init_map_type+0x2c7/0x780
[ 1313.117518]  ? __raw_spin_lock_init+0x36/0x110
[ 1313.118540]  v9fs_session_init+0x1dd/0x1680
[ 1313.119510]  ? lock_release+0x680/0x680
[ 1313.120403]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1313.121478]  ? v9fs_show_options+0x690/0x690
[ 1313.122464]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.123435]  ? kasan_unpoison_shadow+0x33/0x50
[ 1313.124450]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1313.125583]  v9fs_mount+0x79/0x8f0
[ 1313.126373]  ? v9fs_write_inode+0x60/0x60
[ 1313.127290]  legacy_get_tree+0x105/0x220
[ 1313.128204]  vfs_get_tree+0x8e/0x300
[ 1313.129032]  path_mount+0x1490/0x21e0
[ 1313.129884]  ? strncpy_from_user+0x9e/0x470
[ 1313.130841]  ? finish_automount+0xa90/0xa90
[ 1313.131809]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1313.132844]  ? _copy_from_user+0xfb/0x1b0
[ 1313.133772]  __x64_sys_mount+0x282/0x300
[ 1313.134674]  ? copy_mnt_ns+0xa00/0xa00
[ 1313.135555]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1313.136728]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1313.137899]  do_syscall_64+0x33/0x40
[ 1313.138732]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1313.139885] RIP: 0033:0x7faeaa885b19
[ 1313.140721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1313.144838] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1313.146533] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1313.148136] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1313.149730] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1313.151324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1313.152931] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1313.156427] 9pnet: Insufficient options for proto=fd
20:40:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x93a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:19 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x94a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x7400}, 0x0)

20:40:19 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 35)

20:40:19 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1313.284445] FAULT_INJECTION: forcing a failure.
[ 1313.284445] name failslab, interval 1, probability 0, space 0, times 0
[ 1313.286043] CPU: 0 PID: 20813 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1313.286940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1313.288018] Call Trace:
[ 1313.288363]  dump_stack+0x107/0x167
[ 1313.288834]  should_fail.cold+0x5/0xa
[ 1313.289327]  ? create_object.isra.0+0x3a/0xa30
[ 1313.289914]  should_failslab+0x5/0x20
[ 1313.290404]  kmem_cache_alloc+0x5b/0x310
[ 1313.290928]  create_object.isra.0+0x3a/0xa30
[ 1313.291500]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1313.292157]  __kmalloc_track_caller+0x177/0x370
[ 1313.292758]  ? match_number+0xaf/0x1d0
[ 1313.293262]  kmemdup_nul+0x2d/0xa0
[ 1313.293719]  match_number+0xaf/0x1d0
[ 1313.294196]  ? match_u64+0x190/0x190
[ 1313.294675]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1313.295292]  ? memcpy+0x39/0x60
[ 1313.295726]  parse_opts.part.0+0x1f3/0x340
[ 1313.296268]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1313.296851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1313.297519]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.298075]  ? kfree+0xd7/0x340
[ 1313.298503]  p9_fd_create+0x98/0x4a0
[ 1313.298980]  ? p9_conn_create+0x510/0x510
[ 1313.299571]  ? p9_client_create+0x798/0x1230
[ 1313.300138]  ? kfree+0xd7/0x340
[ 1313.300568]  p9_client_create+0x7ff/0x1230
[ 1313.301117]  ? p9_client_flush+0x430/0x430
[ 1313.301659]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.302212]  ? lockdep_init_map_type+0x2c7/0x780
[ 1313.302819]  ? __raw_spin_lock_init+0x36/0x110
[ 1313.303408]  v9fs_session_init+0x1dd/0x1680
[ 1313.303963]  ? lock_release+0x680/0x680
[ 1313.304474]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1313.305079]  ? v9fs_show_options+0x690/0x690
[ 1313.305647]  ? trace_hardirqs_on+0x5b/0x180
[ 1313.306195]  ? kasan_unpoison_shadow+0x33/0x50
[ 1313.306775]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1313.307425]  v9fs_mount+0x79/0x8f0
[ 1313.307878]  ? v9fs_write_inode+0x60/0x60
[ 1313.308405]  legacy_get_tree+0x105/0x220
[ 1313.308925]  vfs_get_tree+0x8e/0x300
[ 1313.309399]  path_mount+0x1490/0x21e0
[ 1313.309888]  ? strncpy_from_user+0x9e/0x470
[ 1313.310433]  ? finish_automount+0xa90/0xa90
[ 1313.310978]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1313.311578]  ? _copy_from_user+0xfb/0x1b0
[ 1313.312113]  __x64_sys_mount+0x282/0x300
[ 1313.312631]  ? copy_mnt_ns+0xa00/0xa00
[ 1313.313135]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1313.313805]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1313.314461]  do_syscall_64+0x33/0x40
[ 1313.314938]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1313.315601] RIP: 0033:0x7faeaa885b19
[ 1313.316081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1313.318443] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1313.319418] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1313.320325] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1313.321236] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1313.322144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1313.323057] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:40:19 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, 0x0, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:40:19 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:19 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf000}, 0x0)

20:40:32 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 36)

20:40:32 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1325.932439] FAULT_INJECTION: forcing a failure.
[ 1325.932439] name failslab, interval 1, probability 0, space 0, times 0
[ 1325.935007] CPU: 1 PID: 21249 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1325.936473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1325.938222] Call Trace:
[ 1325.938781]  dump_stack+0x107/0x167
[ 1325.939559]  should_fail.cold+0x5/0xa
20:40:32 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, 0x0, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:40:32 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x95a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1325.940545]  ? p9_fd_create+0x161/0x4a0
[ 1325.941542]  should_failslab+0x5/0x20
[ 1325.942357]  kmem_cache_alloc_trace+0x55/0x320
[ 1325.943512]  p9_fd_create+0x161/0x4a0
[ 1325.944521]  ? p9_conn_create+0x510/0x510
[ 1325.945592]  ? p9_client_create+0x798/0x1230
[ 1325.946738]  ? kfree+0xd7/0x340
[ 1325.947614]  p9_client_create+0x7ff/0x1230
[ 1325.948721]  ? p9_client_flush+0x430/0x430
[ 1325.949819]  ? trace_hardirqs_on+0x5b/0x180
[ 1325.950947]  ? lockdep_init_map_type+0x2c7/0x780
[ 1325.952194]  ? __raw_spin_lock_init+0x36/0x110
[ 1325.953379]  v9fs_session_init+0x1dd/0x1680
[ 1325.954313]  ? lock_release+0x680/0x680
[ 1325.955332]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1325.956581]  ? v9fs_show_options+0x690/0x690
[ 1325.957723]  ? trace_hardirqs_on+0x5b/0x180
[ 1325.958827]  ? kasan_unpoison_shadow+0x33/0x50
[ 1325.959965]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1325.961022]  v9fs_mount+0x79/0x8f0
[ 1325.961746]  ? v9fs_write_inode+0x60/0x60
[ 1325.962607]  legacy_get_tree+0x105/0x220
[ 1325.963448]  vfs_get_tree+0x8e/0x300
[ 1325.964244]  path_mount+0x1490/0x21e0
[ 1325.965033]  ? strncpy_from_user+0x9e/0x470
[ 1325.965935]  ? finish_automount+0xa90/0xa90
[ 1325.966848]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1325.967826]  ? _copy_from_user+0xfb/0x1b0
[ 1325.968697]  __x64_sys_mount+0x282/0x300
[ 1325.969541]  ? copy_mnt_ns+0xa00/0xa00
[ 1325.970350]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1325.971427]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1325.972543]  do_syscall_64+0x33/0x40
[ 1325.973343]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1325.974435] RIP: 0033:0x7faeaa885b19
[ 1325.975230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1325.979175] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1325.980824] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1325.982345] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1325.983881] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1325.985415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1325.986941] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:40:32 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x80000}, 0x0)

20:40:32 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x96a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:32 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xaa4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0)

20:40:32 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:32 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:32 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 37)

20:40:32 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

20:40:32 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1326.341289] FAULT_INJECTION: forcing a failure.
[ 1326.341289] name failslab, interval 1, probability 0, space 0, times 0
[ 1326.343751] CPU: 1 PID: 21948 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1326.345216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1326.346959] Call Trace:
[ 1326.347528]  dump_stack+0x107/0x167
[ 1326.348313]  should_fail.cold+0x5/0xa
[ 1326.349111]  ? create_object.isra.0+0x3a/0xa30
[ 1326.350071]  should_failslab+0x5/0x20
[ 1326.350884]  kmem_cache_alloc+0x5b/0x310
[ 1326.351754]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1326.352703]  create_object.isra.0+0x3a/0xa30
[ 1326.353641]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1326.354713]  kmem_cache_alloc_trace+0x151/0x320
[ 1326.355709]  p9_fd_create+0x161/0x4a0
[ 1326.356522]  ? p9_conn_create+0x510/0x510
[ 1326.357404]  ? p9_client_create+0x798/0x1230
[ 1326.358336]  ? kfree+0xd7/0x340
[ 1326.359047]  p9_client_create+0x7ff/0x1230
[ 1326.359956]  ? p9_client_flush+0x430/0x430
[ 1326.360850]  ? trace_hardirqs_on+0x5b/0x180
[ 1326.361771]  ? lockdep_init_map_type+0x2c7/0x780
[ 1326.362775]  ? __raw_spin_lock_init+0x36/0x110
[ 1326.363769]  v9fs_session_init+0x1dd/0x1680
[ 1326.364688]  ? lock_release+0x680/0x680
[ 1326.365534]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1326.366547]  ? v9fs_show_options+0x690/0x690
[ 1326.367484]  ? trace_hardirqs_on+0x5b/0x180
[ 1326.368399]  ? kasan_unpoison_shadow+0x33/0x50
[ 1326.369367]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1326.370442]  v9fs_mount+0x79/0x8f0
[ 1326.371194]  ? v9fs_write_inode+0x60/0x60
[ 1326.372079]  legacy_get_tree+0x105/0x220
[ 1326.372949]  vfs_get_tree+0x8e/0x300
[ 1326.373740]  path_mount+0x1490/0x21e0
[ 1326.374553]  ? strncpy_from_user+0x9e/0x470
[ 1326.375474]  ? finish_automount+0xa90/0xa90
[ 1326.376396]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1326.377383]  ? _copy_from_user+0xfb/0x1b0
[ 1326.378268]  __x64_sys_mount+0x282/0x300
[ 1326.379122]  ? copy_mnt_ns+0xa00/0xa00
[ 1326.379959]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1326.381069]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1326.382169]  do_syscall_64+0x33/0x40
[ 1326.382967]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1326.384065] RIP: 0033:0x7faeaa885b19
[ 1326.384862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1326.388732] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1326.390328] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1326.391863] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1326.393384] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1326.394888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1326.396398] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1339.610342] FAULT_INJECTION: forcing a failure.
[ 1339.610342] name failslab, interval 1, probability 0, space 0, times 0
[ 1339.611722] CPU: 1 PID: 22130 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1339.612523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1339.613484] Call Trace:
[ 1339.613788]  dump_stack+0x107/0x167
[ 1339.614203]  should_fail.cold+0x5/0xa
[ 1339.614645]  ? p9_client_prepare_req.part.0+0x3a/0xac0
[ 1339.615244]  should_failslab+0x5/0x20
[ 1339.615677]  kmem_cache_alloc+0x5b/0x310
20:40:46 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:40:46 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:46 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 38)

20:40:46 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:46 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x98a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:40:46 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

20:40:46 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1339.616155]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 1339.616956]  p9_client_rpc+0x220/0x1370
[ 1339.617410]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1339.618007]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1339.618622]  ? pipe_poll+0x21b/0x800
[ 1339.619042]  ? p9_fd_close+0x4a0/0x4a0
[ 1339.619485]  ? wait_for_partner+0x3c0/0x3c0
[ 1339.619988]  ? p9_fd_poll+0x1e0/0x2c0
[ 1339.620438]  ? p9_fd_create+0x357/0x4a0
[ 1339.620891]  ? p9_conn_create+0x510/0x510
[ 1339.621367]  ? p9_client_create+0x798/0x1230
[ 1339.621864]  ? kfree+0xd7/0x340
[ 1339.622244]  p9_client_create+0xa76/0x1230
[ 1339.622730]  ? p9_client_flush+0x430/0x430
[ 1339.623210]  ? trace_hardirqs_on+0x5b/0x180
[ 1339.623707]  ? lockdep_init_map_type+0x2c7/0x780
[ 1339.624247]  ? __raw_spin_lock_init+0x36/0x110
[ 1339.624776]  v9fs_session_init+0x1dd/0x1680
[ 1339.625268]  ? lock_release+0x680/0x680
[ 1339.625731]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1339.626278]  ? v9fs_show_options+0x690/0x690
[ 1339.626783]  ? trace_hardirqs_on+0x5b/0x180
[ 1339.627272]  ? kasan_unpoison_shadow+0x33/0x50
[ 1339.627804]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1339.628385]  v9fs_mount+0x79/0x8f0
[ 1339.628791]  ? v9fs_write_inode+0x60/0x60
[ 1339.629265]  legacy_get_tree+0x105/0x220
[ 1339.629739]  vfs_get_tree+0x8e/0x300
[ 1339.630162]  path_mount+0x1490/0x21e0
[ 1339.630607]  ? strncpy_from_user+0x9e/0x470
[ 1339.631095]  ? finish_automount+0xa90/0xa90
[ 1339.631588]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1339.632125]  ? _copy_from_user+0xfb/0x1b0
[ 1339.632600]  __x64_sys_mount+0x282/0x300
[ 1339.633063]  ? copy_mnt_ns+0xa00/0xa00
[ 1339.633505]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1339.634107]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1339.634712]  do_syscall_64+0x33/0x40
[ 1339.635138]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1339.635741] RIP: 0033:0x7faeaa885b19
[ 1339.636162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1339.638267] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1339.639141] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1339.639967] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1339.640778] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1339.641596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1339.642407] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:40:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf000000}, 0x0)

20:40:46 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:40:46 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x74000000}, 0x0)

[ 1359.681700] FAULT_INJECTION: forcing a failure.
[ 1359.681700] name failslab, interval 1, probability 0, space 0, times 0
[ 1359.684338] CPU: 1 PID: 22669 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1359.685846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1359.687655] Call Trace:
[ 1359.688241]  dump_stack+0x107/0x167
[ 1359.689033]  should_fail.cold+0x5/0xa
[ 1359.689860]  ? create_object.isra.0+0x3a/0xa30
[ 1359.690847]  should_failslab+0x5/0x20
[ 1359.691673]  kmem_cache_alloc+0x5b/0x310
[ 1359.692576]  create_object.isra.0+0x3a/0xa30
[ 1359.693521]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1359.694621]  kmem_cache_alloc+0x159/0x310
[ 1359.695526]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 1359.696644]  p9_client_rpc+0x220/0x1370
[ 1359.697507]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1359.698655]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1359.699815]  ? pipe_poll+0x21b/0x800
[ 1359.700624]  ? p9_fd_close+0x4a0/0x4a0
[ 1359.701467]  ? wait_for_partner+0x3c0/0x3c0
[ 1359.702401]  ? p9_fd_poll+0x1e0/0x2c0
[ 1359.703229]  ? p9_fd_create+0x357/0x4a0
[ 1359.704099]  ? p9_conn_create+0x510/0x510
[ 1359.704996]  ? p9_client_create+0x798/0x1230
[ 1359.705945]  ? kfree+0xd7/0x340
[ 1359.706673]  p9_client_create+0xa76/0x1230
[ 1359.707596]  ? p9_client_flush+0x430/0x430
[ 1359.708522]  ? trace_hardirqs_on+0x5b/0x180
[ 1359.709454]  ? lockdep_init_map_type+0x2c7/0x780
20:41:06 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:06 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x9effffff}, 0x0)

20:41:06 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x99a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:06 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 39)

20:41:06 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xba4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1359.710480]  ? __raw_spin_lock_init+0x36/0x110
[ 1359.711819]  v9fs_session_init+0x1dd/0x1680
[ 1359.712771]  ? lock_release+0x680/0x680
[ 1359.713647]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1359.714691]  ? v9fs_show_options+0x690/0x690
[ 1359.715647]  ? trace_hardirqs_on+0x5b/0x180
[ 1359.716907]  ? kasan_unpoison_shadow+0x33/0x50
[ 1359.718076]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1359.719361]  v9fs_mount+0x79/0x8f0
[ 1359.720285]  ? v9fs_write_inode+0x60/0x60
[ 1359.721340]  legacy_get_tree+0x105/0x220
[ 1359.722371]  vfs_get_tree+0x8e/0x300
[ 1359.723315]  path_mount+0x1490/0x21e0
[ 1359.724292]  ? strncpy_from_user+0x9e/0x470
[ 1359.725003]  ? finish_automount+0xa90/0xa90
[ 1359.725707]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1359.726463]  ? _copy_from_user+0xfb/0x1b0
[ 1359.727137]  __x64_sys_mount+0x282/0x300
[ 1359.727792]  ? copy_mnt_ns+0xa00/0xa00
[ 1359.728427]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1359.729156]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1359.729867]  do_syscall_64+0x33/0x40
[ 1359.730379]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1359.731082] RIP: 0033:0x7faeaa885b19
[ 1359.731606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1359.734147] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1359.735207] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1359.736189] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1359.737165] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1359.738145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1359.739134] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xf0ffffff}, 0x0)

20:41:06 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xfffff000}, 0x0)

20:41:06 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9aa3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:06 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:06 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xffffff7f}, 0x0)

20:41:18 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ba3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:18 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xffffff9e}, 0x0)

20:41:18 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:18 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 40)

20:41:18 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:18 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x10f6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:18 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xca4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1372.359447] FAULT_INJECTION: forcing a failure.
[ 1372.359447] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1372.362679] CPU: 0 PID: 23530 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1372.364503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1372.366684] Call Trace:
[ 1372.367382]  dump_stack+0x107/0x167
[ 1372.368348]  should_fail.cold+0x5/0xa
[ 1372.369352]  __alloc_pages_nodemask+0x182/0x600
[ 1372.370574]  ? lock_acquire+0x197/0x470
[ 1372.371625]  ? create_object.isra.0+0x3ad/0xa30
[ 1372.372857]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1372.374462]  ? kmem_cache_alloc+0x159/0x310
[ 1372.375609]  alloc_pages_current+0x187/0x280
[ 1372.376772]  kmalloc_order+0x35/0x160
[ 1372.377779]  kmalloc_order_trace+0x14/0xa0
[ 1372.378900]  p9_fcall_init+0x97/0x290
[ 1372.379902]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1372.381255]  p9_client_rpc+0x220/0x1370
[ 1372.382304]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1372.383679]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1372.385094]  ? pipe_poll+0x21b/0x800
[ 1372.386064]  ? p9_fd_close+0x4a0/0x4a0
[ 1372.387081]  ? wait_for_partner+0x3c0/0x3c0
[ 1372.388266]  ? p9_fd_poll+0x1e0/0x2c0
[ 1372.389256]  ? p9_fd_create+0x357/0x4a0
[ 1372.390291]  ? p9_conn_create+0x510/0x510
[ 1372.391373]  ? p9_client_create+0x798/0x1230
[ 1372.392525]  ? kfree+0xd7/0x340
[ 1372.393389]  p9_client_create+0xa76/0x1230
[ 1372.394499]  ? p9_client_flush+0x430/0x430
[ 1372.395605]  ? trace_hardirqs_on+0x5b/0x180
[ 1372.396739]  ? lockdep_init_map_type+0x2c7/0x780
[ 1372.397976]  ? __raw_spin_lock_init+0x36/0x110
[ 1372.399168]  v9fs_session_init+0x1dd/0x1680
[ 1372.400312]  ? lock_release+0x680/0x680
[ 1372.401344]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1372.402595]  ? v9fs_show_options+0x690/0x690
[ 1372.403752]  ? trace_hardirqs_on+0x5b/0x180
[ 1372.404883]  ? kasan_unpoison_shadow+0x33/0x50
[ 1372.406070]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1372.407378]  v9fs_mount+0x79/0x8f0
[ 1372.408310]  ? v9fs_write_inode+0x60/0x60
[ 1372.409382]  legacy_get_tree+0x105/0x220
[ 1372.410433]  vfs_get_tree+0x8e/0x300
[ 1372.411391]  path_mount+0x1490/0x21e0
[ 1372.412392]  ? strncpy_from_user+0x9e/0x470
[ 1372.413511]  ? finish_automount+0xa90/0xa90
[ 1372.414621]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1372.415825]  ? _copy_from_user+0xfb/0x1b0
[ 1372.416899]  __x64_sys_mount+0x282/0x300
[ 1372.417929]  ? copy_mnt_ns+0xa00/0xa00
[ 1372.418933]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1372.420281]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1372.421615]  do_syscall_64+0x33/0x40
[ 1372.422570]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1372.423883] RIP: 0033:0x7faeaa885b19
[ 1372.424841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1372.429606] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1372.431551] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1372.433382] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1372.435206] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1372.437032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1372.438853] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:18 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ca3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xfffffff0}, 0x0)

20:41:19 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:19 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:19 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9da3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:19 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0xffffffff}, 0x0)

20:41:19 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 41)

[ 1372.596808] FAULT_INJECTION: forcing a failure.
[ 1372.596808] name failslab, interval 1, probability 0, space 0, times 0
[ 1372.598471] CPU: 1 PID: 24043 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1372.599402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1372.600494] Call Trace:
[ 1372.600855]  dump_stack+0x107/0x167
[ 1372.601346]  should_fail.cold+0x5/0xa
[ 1372.601864]  ? create_object.isra.0+0x3a/0xa30
[ 1372.602479]  should_failslab+0x5/0x20
[ 1372.602992]  kmem_cache_alloc+0x5b/0x310
[ 1372.603542]  create_object.isra.0+0x3a/0xa30
[ 1372.604136]  ? kasan_unpoison_shadow+0x33/0x50
[ 1372.604752]  kmalloc_order+0xfe/0x160
[ 1372.605270]  kmalloc_order_trace+0x14/0xa0
[ 1372.605843]  p9_fcall_init+0x97/0x290
[ 1372.606355]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1372.607043]  p9_client_rpc+0x220/0x1370
[ 1372.607582]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1372.608304]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1372.609027]  ? pipe_poll+0x21b/0x800
[ 1372.609525]  ? p9_fd_close+0x4a0/0x4a0
[ 1372.610046]  ? wait_for_partner+0x3c0/0x3c0
[ 1372.610628]  ? p9_fd_poll+0x1e0/0x2c0
[ 1372.611128]  ? p9_fd_create+0x357/0x4a0
[ 1372.611661]  ? p9_conn_create+0x510/0x510
[ 1372.612219]  ? p9_client_create+0x798/0x1230
[ 1372.612806]  ? kfree+0xd7/0x340
[ 1372.613253]  p9_client_create+0xa76/0x1230
[ 1372.613822]  ? p9_client_flush+0x430/0x430
[ 1372.614385]  ? trace_hardirqs_on+0x5b/0x180
[ 1372.614958]  ? lockdep_init_map_type+0x2c7/0x780
[ 1372.615589]  ? __raw_spin_lock_init+0x36/0x110
[ 1372.616208]  v9fs_session_init+0x1dd/0x1680
[ 1372.616786]  ? lock_release+0x680/0x680
[ 1372.617319]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1372.617963]  ? v9fs_show_options+0x690/0x690
[ 1372.618559]  ? trace_hardirqs_on+0x5b/0x180
[ 1372.619136]  ? kasan_unpoison_shadow+0x33/0x50
[ 1372.619745]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1372.620444]  v9fs_mount+0x79/0x8f0
[ 1372.620917]  ? v9fs_write_inode+0x60/0x60
[ 1372.621484]  legacy_get_tree+0x105/0x220
[ 1372.622007]  vfs_get_tree+0x8e/0x300
[ 1372.622521]  path_mount+0x1490/0x21e0
[ 1372.623038]  ? strncpy_from_user+0x9e/0x470
[ 1372.623636]  ? finish_automount+0xa90/0xa90
[ 1372.624237]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1372.624874]  ? _copy_from_user+0xfb/0x1b0
[ 1372.625424]  __x64_sys_mount+0x282/0x300
[ 1372.625983]  ? copy_mnt_ns+0xa00/0xa00
[ 1372.626488]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1372.627214]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1372.627921]  do_syscall_64+0x33/0x40
[ 1372.628442]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1372.629147] RIP: 0033:0x7faeaa885b19
[ 1372.629662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1372.632061] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1372.633130] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1372.634054] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1372.635042] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1372.635986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1372.636982] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:19 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:19 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xda4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:19 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x2)

20:41:19 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x8)

[ 1384.954632] FAULT_INJECTION: forcing a failure.
[ 1384.954632] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1384.956102] CPU: 1 PID: 24511 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1384.956914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1384.957867] Call Trace:
[ 1384.958178]  dump_stack+0x107/0x167
[ 1384.958599]  should_fail.cold+0x5/0xa
[ 1384.959044]  __alloc_pages_nodemask+0x182/0x600
[ 1384.959579]  ? lock_release+0x680/0x680
[ 1384.960033]  ? find_held_lock+0x2c/0x110
[ 1384.960518]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1384.961216]  alloc_pages_current+0x187/0x280
20:41:31 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ea3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:31 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 42)

[ 1384.961719]  kmalloc_order+0x35/0x160
[ 1384.962397]  kmalloc_order_trace+0x14/0xa0
[ 1384.962888]  p9_fcall_init+0x97/0x290
[ 1384.963325]  p9_client_prepare_req.part.0+0xf4/0xac0
[ 1384.963906]  p9_client_rpc+0x220/0x1370
[ 1384.964386]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1384.964992]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1384.965602]  ? pipe_poll+0x21b/0x800
[ 1384.966027]  ? p9_fd_close+0x4a0/0x4a0
[ 1384.966470]  ? wait_for_partner+0x3c0/0x3c0
[ 1384.966961]  ? p9_fd_poll+0x1e0/0x2c0
[ 1384.967402]  ? p9_fd_create+0x357/0x4a0
[ 1384.967855]  ? p9_conn_create+0x510/0x510
[ 1384.968341]  ? p9_client_create+0x798/0x1230
[ 1384.968842]  ? kfree+0xd7/0x340
[ 1384.969227]  p9_client_create+0xa76/0x1230
[ 1384.969716]  ? p9_client_flush+0x430/0x430
[ 1384.970201]  ? trace_hardirqs_on+0x5b/0x180
[ 1384.970693]  ? lockdep_init_map_type+0x2c7/0x780
[ 1384.971235]  ? __raw_spin_lock_init+0x36/0x110
[ 1384.971762]  v9fs_session_init+0x1dd/0x1680
[ 1384.972272]  ? lock_release+0x680/0x680
[ 1384.972735]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1384.973282]  ? v9fs_show_options+0x690/0x690
[ 1384.973791]  ? trace_hardirqs_on+0x5b/0x180
[ 1384.974286]  ? kasan_unpoison_shadow+0x33/0x50
[ 1384.974805]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1384.975385]  v9fs_mount+0x79/0x8f0
[ 1384.975792]  ? v9fs_write_inode+0x60/0x60
[ 1384.976279]  legacy_get_tree+0x105/0x220
[ 1384.976746]  vfs_get_tree+0x8e/0x300
[ 1384.977176]  path_mount+0x1490/0x21e0
[ 1384.977616]  ? strncpy_from_user+0x9e/0x470
[ 1384.978106]  ? finish_automount+0xa90/0xa90
[ 1384.978602]  ? getname_flags.part.0+0x1dd/0x4f0
20:41:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1384.979138]  ? _copy_from_user+0xfb/0x1b0
[ 1384.979851]  __x64_sys_mount+0x282/0x300
[ 1384.980335]  ? copy_mnt_ns+0xa00/0xa00
[ 1384.980781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1384.981381]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1384.981970]  do_syscall_64+0x33/0x40
[ 1384.982394]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1384.982979] RIP: 0033:0x7faeaa885b19
[ 1384.983403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1384.985514] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1384.986382] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1384.987199] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1384.988013] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1384.988845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1384.989662] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:31 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf)

20:41:31 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 43)

20:41:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9fa3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1385.128049] FAULT_INJECTION: forcing a failure.
[ 1385.128049] name failslab, interval 1, probability 0, space 0, times 0
[ 1385.129553] CPU: 1 PID: 24961 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1385.130343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1385.131288] Call Trace:
[ 1385.131597]  dump_stack+0x107/0x167
[ 1385.132011]  should_fail.cold+0x5/0xa
[ 1385.132473]  ? create_object.isra.0+0x3a/0xa30
[ 1385.132991]  should_failslab+0x5/0x20
[ 1385.133426]  kmem_cache_alloc+0x5b/0x310
[ 1385.133890]  create_object.isra.0+0x3a/0xa30
[ 1385.134386]  ? kasan_unpoison_shadow+0x33/0x50
[ 1385.134908]  kmalloc_order+0xfe/0x160
[ 1385.135340]  kmalloc_order_trace+0x14/0xa0
[ 1385.135821]  p9_fcall_init+0x97/0x290
[ 1385.136272]  p9_client_prepare_req.part.0+0xf4/0xac0
[ 1385.136853]  p9_client_rpc+0x220/0x1370
[ 1385.137308]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1385.137909]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1385.138516]  ? pipe_poll+0x21b/0x800
[ 1385.138937]  ? p9_fd_close+0x4a0/0x4a0
[ 1385.139379]  ? wait_for_partner+0x3c0/0x3c0
[ 1385.139871]  ? p9_fd_poll+0x1e0/0x2c0
[ 1385.140323]  ? p9_fd_create+0x357/0x4a0
[ 1385.140771]  ? p9_conn_create+0x510/0x510
[ 1385.141238]  ? p9_client_create+0x798/0x1230
[ 1385.141738]  ? kfree+0xd7/0x340
[ 1385.142122]  p9_client_create+0xa76/0x1230
[ 1385.142606]  ? p9_client_flush+0x430/0x430
[ 1385.143086]  ? trace_hardirqs_on+0x5b/0x180
[ 1385.143576]  ? lockdep_init_map_type+0x2c7/0x780
[ 1385.144115]  ? __raw_spin_lock_init+0x36/0x110
[ 1385.144655]  v9fs_session_init+0x1dd/0x1680
[ 1385.145148]  ? lock_release+0x680/0x680
[ 1385.145605]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1385.146155]  ? v9fs_show_options+0x690/0x690
[ 1385.146665]  ? trace_hardirqs_on+0x5b/0x180
[ 1385.147159]  ? kasan_unpoison_shadow+0x33/0x50
[ 1385.147677]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1385.148270]  v9fs_mount+0x79/0x8f0
[ 1385.148678]  ? v9fs_write_inode+0x60/0x60
[ 1385.149149]  legacy_get_tree+0x105/0x220
[ 1385.149610]  vfs_get_tree+0x8e/0x300
[ 1385.150037]  path_mount+0x1490/0x21e0
[ 1385.150475]  ? strncpy_from_user+0x9e/0x470
[ 1385.150962]  ? finish_automount+0xa90/0xa90
[ 1385.151453]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1385.151979]  ? _copy_from_user+0xfb/0x1b0
[ 1385.152470]  __x64_sys_mount+0x282/0x300
[ 1385.152931]  ? copy_mnt_ns+0xa00/0xa00
[ 1385.153376]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1385.153976]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1385.154563]  do_syscall_64+0x33/0x40
[ 1385.154989]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1385.155574] RIP: 0033:0x7faeaa885b19
[ 1385.155996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1385.158091] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1385.158954] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1385.159759] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1385.160581] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1385.161386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1385.162189] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:31 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xea4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa0a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:31 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x74)

20:41:31 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x70a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:31 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:31 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:44 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:44 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x71a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfa4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf0)

20:41:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa1a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:45 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xf610, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 44)

[ 1398.454545] FAULT_INJECTION: forcing a failure.
[ 1398.454545] name failslab, interval 1, probability 0, space 0, times 0
[ 1398.456193] CPU: 0 PID: 25380 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1398.457099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1398.458204] Call Trace:
[ 1398.458559]  dump_stack+0x107/0x167
[ 1398.459044]  should_fail.cold+0x5/0xa
[ 1398.459558]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1398.460330]  should_failslab+0x5/0x20
[ 1398.460848]  kmem_cache_alloc+0x5b/0x310
[ 1398.461393]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1398.462145]  idr_get_free+0x4b5/0x8f0
[ 1398.462663]  idr_alloc_u32+0x170/0x2d0
[ 1398.463186]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1398.463837]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1398.464559]  ? lock_release+0x680/0x680
[ 1398.465093]  idr_alloc+0xc2/0x130
[ 1398.465557]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1398.466101]  ? rwlock_bug.part.0+0x90/0x90
[ 1398.466674]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1398.467373]  p9_client_rpc+0x220/0x1370
[ 1398.467897]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1398.468606]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1398.469312]  ? pipe_poll+0x21b/0x800
[ 1398.469802]  ? p9_fd_close+0x4a0/0x4a0
[ 1398.470316]  ? wait_for_partner+0x3c0/0x3c0
[ 1398.470886]  ? p9_fd_poll+0x1e0/0x2c0
[ 1398.471393]  ? p9_fd_create+0x357/0x4a0
[ 1398.471919]  ? p9_conn_create+0x510/0x510
[ 1398.472474]  ? p9_client_create+0x798/0x1230
[ 1398.473054]  ? kfree+0xd7/0x340
[ 1398.473498]  p9_client_create+0xa76/0x1230
[ 1398.474064]  ? p9_client_flush+0x430/0x430
[ 1398.474626]  ? trace_hardirqs_on+0x5b/0x180
[ 1398.475196]  ? lockdep_init_map_type+0x2c7/0x780
[ 1398.475827]  ? __raw_spin_lock_init+0x36/0x110
[ 1398.476445]  v9fs_session_init+0x1dd/0x1680
[ 1398.477019]  ? lock_release+0x680/0x680
[ 1398.477549]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1398.478186]  ? v9fs_show_options+0x690/0x690
[ 1398.478775]  ? trace_hardirqs_on+0x5b/0x180
[ 1398.479343]  ? kasan_unpoison_shadow+0x33/0x50
[ 1398.479943]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1398.480628]  v9fs_mount+0x79/0x8f0
[ 1398.481096]  ? v9fs_write_inode+0x60/0x60
[ 1398.481642]  legacy_get_tree+0x105/0x220
[ 1398.482178]  vfs_get_tree+0x8e/0x300
[ 1398.482672]  path_mount+0x1490/0x21e0
[ 1398.483180]  ? strncpy_from_user+0x9e/0x470
[ 1398.483753]  ? finish_automount+0xa90/0xa90
[ 1398.484321]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1398.484944]  ? _copy_from_user+0xfb/0x1b0
[ 1398.485503]  __x64_sys_mount+0x282/0x300
[ 1398.486042]  ? copy_mnt_ns+0xa00/0xa00
[ 1398.486562]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1398.487260]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1398.487947]  do_syscall_64+0x33/0x40
[ 1398.488449]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1398.489122] RIP: 0033:0x7faeaa885b19
[ 1398.489616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1398.492033] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1398.493052] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1398.493993] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1398.494934] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1398.495855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1398.496801] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:41:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf00)

20:41:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa2a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:45 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x72a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:41:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x7400)

20:41:45 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa385, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:41:45 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf000)

20:41:45 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:41:45 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 45)

[ 1398.776400] FAULT_INJECTION: forcing a failure.
[ 1398.776400] name failslab, interval 1, probability 0, space 0, times 0
[ 1398.778851] CPU: 1 PID: 26004 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1398.780311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1398.782123] Call Trace:
[ 1398.782697]  dump_stack+0x107/0x167
[ 1398.783487]  should_fail.cold+0x5/0xa
[ 1398.784314]  ? create_object.isra.0+0x3a/0xa30
[ 1398.785308]  should_failslab+0x5/0x20
[ 1398.786135]  kmem_cache_alloc+0x5b/0x310
[ 1398.787018]  create_object.isra.0+0x3a/0xa30
[ 1398.787962]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1398.789089]  kmem_cache_alloc+0x159/0x310
[ 1398.789997]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1398.791214]  idr_get_free+0x4b5/0x8f0
[ 1398.792050]  idr_alloc_u32+0x170/0x2d0
[ 1398.792904]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1398.793952]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1398.795104]  ? lock_release+0x680/0x680
[ 1398.795971]  idr_alloc+0xc2/0x130
[ 1398.796729]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1398.797599]  ? rwlock_bug.part.0+0x90/0x90
[ 1398.798526]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1398.799650]  p9_client_rpc+0x220/0x1370
[ 1398.800516]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1398.801659]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1398.802817]  ? pipe_poll+0x21b/0x800
[ 1398.803615]  ? p9_fd_close+0x4a0/0x4a0
[ 1398.804461]  ? wait_for_partner+0x3c0/0x3c0
[ 1398.805393]  ? p9_fd_poll+0x1e0/0x2c0
[ 1398.806217]  ? p9_fd_create+0x357/0x4a0
[ 1398.807070]  ? p9_conn_create+0x510/0x510
[ 1398.807962]  ? p9_client_create+0x798/0x1230
[ 1398.808917]  ? kfree+0xd7/0x340
[ 1398.809639]  p9_client_create+0xa76/0x1230
[ 1398.810560]  ? p9_client_flush+0x430/0x430
[ 1398.811472]  ? trace_hardirqs_on+0x5b/0x180
[ 1398.812415]  ? lockdep_init_map_type+0x2c7/0x780
[ 1398.813439]  ? __raw_spin_lock_init+0x36/0x110
[ 1398.814429]  v9fs_session_init+0x1dd/0x1680
[ 1398.815363]  ? lock_release+0x680/0x680
[ 1398.816227]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1398.817282]  ? v9fs_show_options+0x690/0x690
[ 1398.818242]  ? trace_hardirqs_on+0x5b/0x180
[ 1398.819171]  ? kasan_unpoison_shadow+0x33/0x50
[ 1398.820152]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1398.821262]  v9fs_mount+0x79/0x8f0
[ 1398.822029]  ? v9fs_write_inode+0x60/0x60
[ 1398.822917]  legacy_get_tree+0x105/0x220
[ 1398.823796]  vfs_get_tree+0x8e/0x300
[ 1398.824609]  path_mount+0x1490/0x21e0
[ 1398.825438]  ? strncpy_from_user+0x9e/0x470
[ 1398.826364]  ? finish_automount+0xa90/0xa90
[ 1398.827292]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1398.828292]  ? _copy_from_user+0xfb/0x1b0
[ 1398.829199]  __x64_sys_mount+0x282/0x300
[ 1398.830072]  ? copy_mnt_ns+0xa00/0xa00
[ 1398.830914]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1398.832044]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1398.833165]  do_syscall_64+0x33/0x40
[ 1398.833965]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1398.835067] RIP: 0033:0x7faeaa885b19
[ 1398.835867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1398.839846] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1398.841501] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1398.843044] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1398.844591] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1398.846133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1398.847673] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:01 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 46)

20:42:01 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:01 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:01 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x73a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:01 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:01 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa386, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:01 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x80000)

20:42:01 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x0, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1415.106734] FAULT_INJECTION: forcing a failure.
[ 1415.106734] name failslab, interval 1, probability 0, space 0, times 0
[ 1415.109588] CPU: 0 PID: 26085 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1415.111360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1415.113492] Call Trace:
[ 1415.114163]  dump_stack+0x107/0x167
[ 1415.115088]  should_fail.cold+0x5/0xa
[ 1415.116069]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1415.117524]  should_failslab+0x5/0x20
[ 1415.118492]  kmem_cache_alloc+0x5b/0x310
[ 1415.119528]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1415.120964]  idr_get_free+0x4b5/0x8f0
[ 1415.121950]  idr_alloc_u32+0x170/0x2d0
[ 1415.122936]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1415.124170]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1415.125503]  ? lock_release+0x680/0x680
[ 1415.126511]  idr_alloc+0xc2/0x130
[ 1415.127400]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1415.128418]  ? rwlock_bug.part.0+0x90/0x90
[ 1415.129494]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1415.130804]  p9_client_rpc+0x220/0x1370
[ 1415.131806]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1415.133123]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1415.134476]  ? pipe_poll+0x21b/0x800
[ 1415.135409]  ? p9_fd_close+0x4a0/0x4a0
[ 1415.136384]  ? wait_for_partner+0x3c0/0x3c0
[ 1415.137477]  ? p9_fd_poll+0x1e0/0x2c0
[ 1415.138438]  ? p9_fd_create+0x357/0x4a0
[ 1415.139421]  ? p9_conn_create+0x510/0x510
[ 1415.140461]  ? p9_client_create+0x798/0x1230
[ 1415.141563]  ? kfree+0xd7/0x340
[ 1415.142394]  p9_client_create+0xa76/0x1230
[ 1415.143467]  ? p9_client_flush+0x430/0x430
[ 1415.144551]  ? trace_hardirqs_on+0x5b/0x180
[ 1415.145625]  ? lockdep_init_map_type+0x2c7/0x780
[ 1415.146807]  ? __raw_spin_lock_init+0x36/0x110
[ 1415.147961]  v9fs_session_init+0x1dd/0x1680
[ 1415.149062]  ? lock_release+0x680/0x680
[ 1415.150067]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1415.151287]  ? v9fs_show_options+0x690/0x690
[ 1415.152381]  ? trace_hardirqs_on+0x5b/0x180
[ 1415.153465]  ? kasan_unpoison_shadow+0x33/0x50
[ 1415.154594]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1415.155857]  v9fs_mount+0x79/0x8f0
[ 1415.156746]  ? v9fs_write_inode+0x60/0x60
[ 1415.157782]  legacy_get_tree+0x105/0x220
[ 1415.158800]  vfs_get_tree+0x8e/0x300
[ 1415.159719]  path_mount+0x1490/0x21e0
[ 1415.160680]  ? strncpy_from_user+0x9e/0x470
[ 1415.161746]  ? finish_automount+0xa90/0xa90
[ 1415.162806]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1415.163956]  ? _copy_from_user+0xfb/0x1b0
[ 1415.164991]  __x64_sys_mount+0x282/0x300
[ 1415.165995]  ? copy_mnt_ns+0xa00/0xa00
[ 1415.166973]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1415.168272]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1415.169570]  do_syscall_64+0x33/0x40
[ 1415.170490]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1415.171760] RIP: 0033:0x7faeaa885b19
[ 1415.172692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1415.177237] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1415.179106] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1415.180868] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1415.182625] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1415.184371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1415.186146] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa387, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:15 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 47)

20:42:15 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xe0ffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:15 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7400, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf0ffff)

20:42:15 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x11a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x0, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:15 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1429.334780] FAULT_INJECTION: forcing a failure.
[ 1429.334780] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.337934] CPU: 0 PID: 26492 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1429.339830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1429.342127] Call Trace:
[ 1429.342877]  dump_stack+0x107/0x167
[ 1429.343878]  should_fail.cold+0x5/0xa
[ 1429.344977]  ? create_object.isra.0+0x3a/0xa30
[ 1429.346227]  should_failslab+0x5/0x20
[ 1429.347281]  kmem_cache_alloc+0x5b/0x310
[ 1429.348462]  create_object.isra.0+0x3a/0xa30
[ 1429.349753]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1429.351137]  kmem_cache_alloc+0x159/0x310
[ 1429.352313]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1429.353856]  idr_get_free+0x4b5/0x8f0
[ 1429.354776]  idr_alloc_u32+0x170/0x2d0
[ 1429.355730]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1429.356907]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1429.358175]  ? lock_release+0x680/0x680
[ 1429.359132]  idr_alloc+0xc2/0x130
[ 1429.359956]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1429.360936]  ? rwlock_bug.part.0+0x90/0x90
[ 1429.361978]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1429.363225]  p9_client_rpc+0x220/0x1370
[ 1429.364183]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1429.365489]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1429.366778]  ? pipe_poll+0x21b/0x800
[ 1429.367674]  ? p9_fd_close+0x4a0/0x4a0
[ 1429.368601]  ? wait_for_partner+0x3c0/0x3c0
[ 1429.369653]  ? p9_fd_poll+0x1e0/0x2c0
[ 1429.370579]  ? p9_fd_create+0x357/0x4a0
[ 1429.371535]  ? p9_conn_create+0x510/0x510
[ 1429.372523]  ? p9_client_create+0x798/0x1230
[ 1429.373606]  ? kfree+0xd7/0x340
[ 1429.374412]  p9_client_create+0xa76/0x1230
[ 1429.375423]  ? p9_client_flush+0x430/0x430
[ 1429.376440]  ? trace_hardirqs_on+0x5b/0x180
[ 1429.377488]  ? lockdep_init_map_type+0x2c7/0x780
[ 1429.378617]  ? __raw_spin_lock_init+0x36/0x110
[ 1429.379736]  v9fs_session_init+0x1dd/0x1680
[ 1429.380776]  ? lock_release+0x680/0x680
[ 1429.381744]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1429.382885]  ? v9fs_show_options+0x690/0x690
[ 1429.383933]  ? trace_hardirqs_on+0x5b/0x180
[ 1429.384981]  ? kasan_unpoison_shadow+0x33/0x50
[ 1429.386059]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1429.387298]  v9fs_mount+0x79/0x8f0
[ 1429.388145]  ? v9fs_write_inode+0x60/0x60
[ 1429.389151]  legacy_get_tree+0x105/0x220
[ 1429.390137]  vfs_get_tree+0x8e/0x300
[ 1429.391033]  path_mount+0x1490/0x21e0
[ 1429.391945]  ? strncpy_from_user+0x9e/0x470
[ 1429.393000]  ? finish_automount+0xa90/0xa90
[ 1429.394022]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1429.395143]  ? _copy_from_user+0xfb/0x1b0
[ 1429.396134]  __x64_sys_mount+0x282/0x300
[ 1429.397129]  ? copy_mnt_ns+0xa00/0xa00
[ 1429.398055]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1429.399309]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1429.400543]  do_syscall_64+0x33/0x40
[ 1429.401452]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1429.402663] RIP: 0033:0x7faeaa885b19
[ 1429.403560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1429.408065] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1429.409905] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1429.411617] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1429.413291] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1429.414922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1429.416566] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x0, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:16 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x74a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa388, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x1000000)

20:42:16 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x2000000)

20:42:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa389, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:16 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x75a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 48)

20:42:16 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:16 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x0, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:16 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf000000)

[ 1429.734071] FAULT_INJECTION: forcing a failure.
[ 1429.734071] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.735381] CPU: 1 PID: 27335 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1429.736144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1429.737072] Call Trace:
[ 1429.737392]  dump_stack+0x107/0x167
[ 1429.737826]  should_fail.cold+0x5/0xa
[ 1429.738288]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1429.738967]  should_failslab+0x5/0x20
[ 1429.739417]  kmem_cache_alloc+0x5b/0x310
[ 1429.739903]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1429.740581]  idr_get_free+0x4b5/0x8f0
[ 1429.741047]  idr_alloc_u32+0x170/0x2d0
[ 1429.741516]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1429.742088]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1429.742720]  ? lock_release+0x680/0x680
[ 1429.743201]  idr_alloc+0xc2/0x130
[ 1429.743615]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1429.744096]  ? rwlock_bug.part.0+0x90/0x90
[ 1429.744579]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1429.745205]  p9_client_rpc+0x220/0x1370
[ 1429.745681]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1429.746300]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1429.746931]  ? pipe_poll+0x21b/0x800
[ 1429.747371]  ? p9_fd_close+0x4a0/0x4a0
[ 1429.747830]  ? wait_for_partner+0x3c0/0x3c0
[ 1429.748337]  ? p9_fd_poll+0x1e0/0x2c0
[ 1429.748773]  ? p9_fd_create+0x357/0x4a0
[ 1429.749239]  ? p9_conn_create+0x510/0x510
[ 1429.749724]  ? p9_client_create+0x798/0x1230
[ 1429.750245]  ? kfree+0xd7/0x340
[ 1429.750642]  p9_client_create+0xa76/0x1230
[ 1429.751149]  ? p9_client_flush+0x430/0x430
[ 1429.751655]  ? trace_hardirqs_on+0x5b/0x180
[ 1429.752167]  ? lockdep_init_map_type+0x2c7/0x780
[ 1429.752730]  ? __raw_spin_lock_init+0x36/0x110
[ 1429.753270]  v9fs_session_init+0x1dd/0x1680
[ 1429.753779]  ? lock_release+0x680/0x680
[ 1429.754255]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1429.754819]  ? v9fs_show_options+0x690/0x690
[ 1429.755339]  ? trace_hardirqs_on+0x5b/0x180
[ 1429.755843]  ? kasan_unpoison_shadow+0x33/0x50
[ 1429.756387]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1429.757002]  v9fs_mount+0x79/0x8f0
[ 1429.757397]  ? v9fs_write_inode+0x60/0x60
[ 1429.757881]  legacy_get_tree+0x105/0x220
[ 1429.758335]  vfs_get_tree+0x8e/0x300
[ 1429.758776]  path_mount+0x1490/0x21e0
[ 1429.759226]  ? strncpy_from_user+0x9e/0x470
[ 1429.759730]  ? finish_automount+0xa90/0xa90
[ 1429.760238]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1429.760799]  ? _copy_from_user+0xfb/0x1b0
[ 1429.761286]  __x64_sys_mount+0x282/0x300
[ 1429.761759]  ? copy_mnt_ns+0xa00/0xa00
[ 1429.762218]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1429.762835]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1429.763443]  do_syscall_64+0x33/0x40
[ 1429.763883]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1429.764490] RIP: 0033:0x7faeaa885b19
[ 1429.764938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1429.767121] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1429.768012] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1429.768858] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1429.769663] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1429.770451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1429.771243] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:30 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:30 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:30 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:30 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x76a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:30 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38b, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:30 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x74000000)

20:42:30 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x0, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:30 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 49)

20:42:30 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1444.113462] FAULT_INJECTION: forcing a failure.
[ 1444.113462] name failslab, interval 1, probability 0, space 0, times 0
[ 1444.115948] CPU: 0 PID: 27590 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1444.117478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1444.119262] Call Trace:
[ 1444.119838]  dump_stack+0x107/0x167
[ 1444.120617]  should_fail.cold+0x5/0xa
[ 1444.121454]  ? create_object.isra.0+0x3a/0xa30
[ 1444.122424]  should_failslab+0x5/0x20
[ 1444.123230]  kmem_cache_alloc+0x5b/0x310
[ 1444.124093]  create_object.isra.0+0x3a/0xa30
[ 1444.125068]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1444.126160]  kmem_cache_alloc+0x159/0x310
[ 1444.127058]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1444.128264]  idr_get_free+0x4b5/0x8f0
[ 1444.129138]  idr_alloc_u32+0x170/0x2d0
[ 1444.129999]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1444.131046]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 1444.132202]  ? lock_release+0x680/0x680
[ 1444.133100]  idr_alloc+0xc2/0x130
[ 1444.133862]  ? idr_alloc_u32+0x2d0/0x2d0
[ 1444.134758]  ? rwlock_bug.part.0+0x90/0x90
[ 1444.135695]  p9_client_prepare_req.part.0+0x612/0xac0
[ 1444.136866]  p9_client_rpc+0x220/0x1370
[ 1444.137752]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1444.138911]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1444.140082]  ? pipe_poll+0x21b/0x800
[ 1444.140920]  ? p9_fd_close+0x4a0/0x4a0
[ 1444.141780]  ? wait_for_partner+0x3c0/0x3c0
[ 1444.142724]  ? p9_fd_poll+0x1e0/0x2c0
[ 1444.143561]  ? p9_fd_create+0x357/0x4a0
[ 1444.144446]  ? p9_conn_create+0x510/0x510
[ 1444.145364]  ? p9_client_create+0x798/0x1230
[ 1444.146332]  ? kfree+0xd7/0x340
[ 1444.147046]  p9_client_create+0xa76/0x1230
[ 1444.147973]  ? p9_client_flush+0x430/0x430
[ 1444.148924]  ? trace_hardirqs_on+0x5b/0x180
[ 1444.149868]  ? lockdep_init_map_type+0x2c7/0x780
[ 1444.150910]  ? __raw_spin_lock_init+0x36/0x110
[ 1444.151915]  v9fs_session_init+0x1dd/0x1680
[ 1444.152881]  ? lock_release+0x680/0x680
[ 1444.153765]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1444.154816]  ? v9fs_show_options+0x690/0x690
[ 1444.155782]  ? trace_hardirqs_on+0x5b/0x180
[ 1444.156742]  ? kasan_unpoison_shadow+0x33/0x50
[ 1444.157749]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1444.158858]  v9fs_mount+0x79/0x8f0
[ 1444.159636]  ? v9fs_write_inode+0x60/0x60
[ 1444.160547]  legacy_get_tree+0x105/0x220
[ 1444.161460]  vfs_get_tree+0x8e/0x300
[ 1444.162283]  path_mount+0x1490/0x21e0
[ 1444.163116]  ? strncpy_from_user+0x9e/0x470
[ 1444.164062]  ? finish_automount+0xa90/0xa90
[ 1444.165031]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1444.166042]  ? _copy_from_user+0xfb/0x1b0
[ 1444.166961]  __x64_sys_mount+0x282/0x300
[ 1444.167848]  ? copy_mnt_ns+0xa00/0xa00
[ 1444.168815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1444.170232]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1444.171645]  do_syscall_64+0x33/0x40
[ 1444.172655]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1444.173913] RIP: 0033:0x7faeaa885b19
[ 1444.174727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1444.178775] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1444.180477] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1444.182036] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1444.183592] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1444.185158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1444.186721] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:30 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x9effffff)

20:42:30 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:30 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5a00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x0, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:43 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 50)

20:42:43 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x30ff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x77a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38d, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:43 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf0ffffff)

20:42:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x3000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1457.136283] FAULT_INJECTION: forcing a failure.
[ 1457.136283] name failslab, interval 1, probability 0, space 0, times 0
[ 1457.138927] CPU: 0 PID: 28221 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1457.140433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1457.142251] Call Trace:
[ 1457.142830]  dump_stack+0x107/0x167
[ 1457.143630]  should_fail.cold+0x5/0xa
[ 1457.144455]  ? p9pdu_readf+0xadb/0x1d40
[ 1457.145327]  should_failslab+0x5/0x20
[ 1457.146150]  __kmalloc+0x72/0x390
[ 1457.146906]  p9pdu_readf+0xadb/0x1d40
[ 1457.147740]  ? pipe_poll+0x21b/0x800
[ 1457.148546]  ? p9pdu_writef+0x100/0x100
[ 1457.149419]  ? p9_fd_poll+0x1e0/0x2c0
[ 1457.150249]  ? p9_fd_create+0x357/0x4a0
[ 1457.151108]  ? p9_conn_create+0x510/0x510
[ 1457.152014]  ? p9_client_create+0x798/0x1230
[ 1457.152985]  ? kfree+0xd7/0x340
[ 1457.153706]  p9_client_create+0xaee/0x1230
[ 1457.154631]  ? p9_client_flush+0x430/0x430
[ 1457.155550]  ? trace_hardirqs_on+0x5b/0x180
[ 1457.156489]  ? lockdep_init_map_type+0x2c7/0x780
[ 1457.157540]  ? __raw_spin_lock_init+0x36/0x110
[ 1457.158535]  v9fs_session_init+0x1dd/0x1680
[ 1457.159469]  ? lock_release+0x680/0x680
[ 1457.160342]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1457.161400]  ? v9fs_show_options+0x690/0x690
[ 1457.162364]  ? trace_hardirqs_on+0x5b/0x180
[ 1457.163300]  ? kasan_unpoison_shadow+0x33/0x50
[ 1457.164287]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1457.165400]  v9fs_mount+0x79/0x8f0
[ 1457.166174]  ? v9fs_write_inode+0x60/0x60
[ 1457.167073]  legacy_get_tree+0x105/0x220
[ 1457.167961]  vfs_get_tree+0x8e/0x300
[ 1457.168772]  path_mount+0x1490/0x21e0
[ 1457.169616]  ? strncpy_from_user+0x9e/0x470
[ 1457.170550]  ? finish_automount+0xa90/0xa90
[ 1457.171483]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1457.172493]  ? _copy_from_user+0xfb/0x1b0
[ 1457.173411]  __x64_sys_mount+0x282/0x300
[ 1457.174290]  ? copy_mnt_ns+0xa00/0xa00
[ 1457.175141]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1457.176281]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1457.177408]  do_syscall_64+0x33/0x40
[ 1457.178212]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1457.179323] RIP: 0033:0x7faeaa885b19
[ 1457.180131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1457.184159] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1457.185829] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1457.187380] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1457.188942] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1457.190493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1457.192043] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:42:43 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:42:43 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:43 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5b00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x4000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xfffff000)

20:42:43 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa38f, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:42:43 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x78a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:42:43 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xffffff7f)

20:42:43 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:00 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x79a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:00 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:00 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x5000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:00 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa390, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:00 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xffffff9e)

20:43:00 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:00 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 51)

[ 1473.623445] FAULT_INJECTION: forcing a failure.
[ 1473.623445] name failslab, interval 1, probability 0, space 0, times 0
[ 1473.625375] CPU: 0 PID: 29096 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1473.626529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1473.627886] Call Trace:
[ 1473.628324]  dump_stack+0x107/0x167
[ 1473.628919]  should_fail.cold+0x5/0xa
[ 1473.629554]  ? create_object.isra.0+0x3a/0xa30
[ 1473.630296]  should_failslab+0x5/0x20
[ 1473.630918]  kmem_cache_alloc+0x5b/0x310
[ 1473.631588]  create_object.isra.0+0x3a/0xa30
[ 1473.632300]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1473.633136]  __kmalloc+0x16e/0x390
[ 1473.633743]  p9pdu_readf+0xadb/0x1d40
[ 1473.634366]  ? pipe_poll+0x21b/0x800
[ 1473.634966]  ? p9pdu_writef+0x100/0x100
[ 1473.635616]  ? p9_fd_poll+0x1e0/0x2c0
[ 1473.636250]  ? p9_fd_create+0x357/0x4a0
[ 1473.636887]  ? p9_conn_create+0x510/0x510
[ 1473.637569]  ? p9_client_create+0x798/0x1230
[ 1473.638280]  ? kfree+0xd7/0x340
[ 1473.638822]  p9_client_create+0xaee/0x1230
[ 1473.639515]  ? p9_client_flush+0x430/0x430
[ 1473.640229]  ? trace_hardirqs_on+0x5b/0x180
[ 1473.640931]  ? lockdep_init_map_type+0x2c7/0x780
[ 1473.641705]  ? __raw_spin_lock_init+0x36/0x110
[ 1473.642451]  v9fs_session_init+0x1dd/0x1680
[ 1473.643148]  ? lock_release+0x680/0x680
[ 1473.643797]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1473.644576]  ? v9fs_show_options+0x690/0x690
[ 1473.645303]  ? trace_hardirqs_on+0x5b/0x180
[ 1473.646002]  ? kasan_unpoison_shadow+0x33/0x50
[ 1473.646739]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1473.647563]  v9fs_mount+0x79/0x8f0
[ 1473.648138]  ? v9fs_write_inode+0x60/0x60
[ 1473.648812]  legacy_get_tree+0x105/0x220
[ 1473.649477]  vfs_get_tree+0x8e/0x300
[ 1473.650078]  path_mount+0x1490/0x21e0
[ 1473.650699]  ? strncpy_from_user+0x9e/0x470
[ 1473.651430]  ? finish_automount+0xa90/0xa90
[ 1473.652130]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1473.652919]  ? _copy_from_user+0xfb/0x1b0
[ 1473.653602]  __x64_sys_mount+0x282/0x300
[ 1473.654260]  ? copy_mnt_ns+0xa00/0xa00
[ 1473.654890]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1473.655742]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1473.656576]  do_syscall_64+0x33/0x40
[ 1473.657202]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1473.658063] RIP: 0033:0x7faeaa885b19
[ 1473.658687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1473.661784] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1473.663055] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1473.664244] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1473.665442] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1473.666634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1473.667822] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:00 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:00 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa391, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:15 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 52)

20:43:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa392, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:15 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5d00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x6000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xfffffff0)

20:43:15 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa393, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1488.650969] FAULT_INJECTION: forcing a failure.
[ 1488.650969] name failslab, interval 1, probability 0, space 0, times 0
[ 1488.653532] CPU: 1 PID: 29545 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1488.654989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1488.656756] Call Trace:
[ 1488.657326]  dump_stack+0x107/0x167
[ 1488.658096]  should_fail.cold+0x5/0xa
[ 1488.658903]  should_failslab+0x5/0x20
[ 1488.659719]  __kmalloc_track_caller+0x79/0x370
[ 1488.660681]  ? kasprintf+0xbb/0xf0
[ 1488.661437]  ? __delete_object+0xb3/0x100
[ 1488.662315]  kvasprintf+0xb5/0x150
[ 1488.663069]  ? bust_spinlocks+0xe0/0xe0
[ 1488.663906]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1488.665026]  kasprintf+0xbb/0xf0
[ 1488.665736]  ? kvasprintf_const+0x1a0/0x1a0
[ 1488.666644]  ? kmem_cache_free+0x249/0x2d0
[ 1488.667540]  ? p9_client_create+0xbfa/0x1230
[ 1488.668479]  p9_client_create+0xc1b/0x1230
[ 1488.669387]  ? p9_client_flush+0x430/0x430
[ 1488.670262]  ? trace_hardirqs_on+0x5b/0x180
[ 1488.671176]  ? lockdep_init_map_type+0x2c7/0x780
[ 1488.672174]  ? __raw_spin_lock_init+0x36/0x110
[ 1488.673146]  v9fs_session_init+0x1dd/0x1680
[ 1488.674062]  ? lock_release+0x680/0x680
[ 1488.674898]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1488.675913]  ? v9fs_show_options+0x690/0x690
[ 1488.676843]  ? trace_hardirqs_on+0x5b/0x180
[ 1488.677755]  ? kasan_unpoison_shadow+0x33/0x50
[ 1488.678722]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1488.679781]  v9fs_mount+0x79/0x8f0
[ 1488.680524]  ? v9fs_write_inode+0x60/0x60
[ 1488.681401]  legacy_get_tree+0x105/0x220
[ 1488.682263]  vfs_get_tree+0x8e/0x300
[ 1488.683046]  path_mount+0x1490/0x21e0
[ 1488.683843]  ? strncpy_from_user+0x9e/0x470
[ 1488.684754]  ? finish_automount+0xa90/0xa90
[ 1488.685683]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1488.686667]  ? _copy_from_user+0xfb/0x1b0
[ 1488.687537]  __x64_sys_mount+0x282/0x300
[ 1488.688380]  ? copy_mnt_ns+0xa00/0xa00
[ 1488.689234]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1488.690347]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1488.691431]  do_syscall_64+0x33/0x40
[ 1488.692215]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1488.693297] RIP: 0033:0x7faeaa885b19
[ 1488.694086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1488.697945] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1488.699543] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1488.701042] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1488.702548] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1488.704051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1488.705569] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x8000000000000)

20:43:15 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7aa4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:15 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 53)

20:43:15 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa394, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:15 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x7000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:15 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf0ffffffffffff)

[ 1488.944794] FAULT_INJECTION: forcing a failure.
[ 1488.944794] name failslab, interval 1, probability 0, space 0, times 0
[ 1488.947218] CPU: 1 PID: 29991 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1488.948678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1488.950451] Call Trace:
[ 1488.951012]  dump_stack+0x107/0x167
[ 1488.951789]  should_fail.cold+0x5/0xa
[ 1488.952592]  ? create_object.isra.0+0x3a/0xa30
[ 1488.953560]  should_failslab+0x5/0x20
[ 1488.954363]  kmem_cache_alloc+0x5b/0x310
[ 1488.955217]  ? vsnprintf+0x4ba/0x1600
[ 1488.956029]  create_object.isra.0+0x3a/0xa30
[ 1488.956961]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1488.958041]  __kmalloc_track_caller+0x177/0x370
[ 1488.959028]  ? kasprintf+0xbb/0xf0
[ 1488.959771]  kvasprintf+0xb5/0x150
[ 1488.960517]  ? bust_spinlocks+0xe0/0xe0
[ 1488.961362]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1488.962468]  kasprintf+0xbb/0xf0
[ 1488.963184]  ? kvasprintf_const+0x1a0/0x1a0
[ 1488.964083]  ? kmem_cache_free+0x249/0x2d0
[ 1488.964976]  ? p9_client_create+0xbfa/0x1230
[ 1488.965918]  p9_client_create+0xc1b/0x1230
[ 1488.966798]  ? p9_client_flush+0x430/0x430
[ 1488.967678]  ? trace_hardirqs_on+0x5b/0x180
[ 1488.968575]  ? lockdep_init_map_type+0x2c7/0x780
[ 1488.969578]  ? __raw_spin_lock_init+0x36/0x110
[ 1488.970533]  v9fs_session_init+0x1dd/0x1680
[ 1488.971431]  ? lock_release+0x680/0x680
[ 1488.972270]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1488.973279]  ? v9fs_show_options+0x690/0x690
[ 1488.974198]  ? trace_hardirqs_on+0x5b/0x180
[ 1488.975098]  ? kasan_unpoison_shadow+0x33/0x50
[ 1488.976060]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1488.977125]  v9fs_mount+0x79/0x8f0
[ 1488.977867]  ? v9fs_write_inode+0x60/0x60
[ 1488.978732]  legacy_get_tree+0x105/0x220
[ 1488.979583]  vfs_get_tree+0x8e/0x300
[ 1488.980353]  path_mount+0x1490/0x21e0
[ 1488.981155]  ? strncpy_from_user+0x9e/0x470
[ 1488.982064]  ? finish_automount+0xa90/0xa90
[ 1488.982963]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1488.983926]  ? _copy_from_user+0xfb/0x1b0
[ 1488.984796]  __x64_sys_mount+0x282/0x300
[ 1488.985661]  ? copy_mnt_ns+0xa00/0xa00
[ 1488.986473]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1488.987577]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1488.988647]  do_syscall_64+0x33/0x40
[ 1488.989432]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1488.990496] RIP: 0033:0x7faeaa885b19
[ 1488.991265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1488.995179] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1488.996772] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1488.998274] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1488.999784] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1489.001276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1489.002772] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:28 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x100000000000000)

20:43:28 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa395, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:28 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 54)

20:43:28 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:28 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x0, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:28 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:28 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:28 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7ba4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1502.251889] FAULT_INJECTION: forcing a failure.
[ 1502.251889] name failslab, interval 1, probability 0, space 0, times 0
[ 1502.253547] CPU: 1 PID: 30403 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1502.254346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1502.255318] Call Trace:
[ 1502.255635]  dump_stack+0x107/0x167
[ 1502.256060]  should_fail.cold+0x5/0xa
[ 1502.256500]  should_failslab+0x5/0x20
[ 1502.256939]  __kmalloc_track_caller+0x79/0x370
[ 1502.257468]  ? kstrdup_const+0x53/0x80
[ 1502.257912]  ? kasprintf+0xbb/0xf0
[ 1502.258324]  kstrdup+0x36/0x70
[ 1502.258694]  kstrdup_const+0x53/0x80
[ 1502.259154]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 1502.259735]  p9_client_create+0xc6a/0x1230
[ 1502.260263]  ? p9_client_flush+0x430/0x430
[ 1502.260753]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.261251]  ? lockdep_init_map_type+0x2c7/0x780
[ 1502.261813]  ? __raw_spin_lock_init+0x36/0x110
[ 1502.262351]  v9fs_session_init+0x1dd/0x1680
[ 1502.262855]  ? lock_release+0x680/0x680
[ 1502.263317]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1502.263877]  ? v9fs_show_options+0x690/0x690
[ 1502.264391]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.264889]  ? kasan_unpoison_shadow+0x33/0x50
[ 1502.265453]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1502.266041]  v9fs_mount+0x79/0x8f0
[ 1502.266452]  ? v9fs_write_inode+0x60/0x60
[ 1502.266928]  legacy_get_tree+0x105/0x220
[ 1502.267399]  vfs_get_tree+0x8e/0x300
[ 1502.267828]  path_mount+0x1490/0x21e0
[ 1502.268277]  ? strncpy_from_user+0x9e/0x470
[ 1502.268773]  ? finish_automount+0xa90/0xa90
[ 1502.269270]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1502.269814]  ? _copy_from_user+0xfb/0x1b0
[ 1502.270296]  __x64_sys_mount+0x282/0x300
[ 1502.270765]  ? copy_mnt_ns+0xa00/0xa00
[ 1502.271216]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1502.271819]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1502.272423]  do_syscall_64+0x33/0x40
[ 1502.272863]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1502.273471] RIP: 0033:0x7faeaa885b19
[ 1502.273900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1502.276012] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1502.276880] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1502.277701] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1502.278513] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1502.279333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1502.280158] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1502.281033] kmem_cache_create(9p-fcall-cache-387) failed with error -12
[ 1502.281830] CPU: 1 PID: 30403 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1502.282619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1502.283560] Call Trace:
[ 1502.283861]  dump_stack+0x107/0x167
[ 1502.284285]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1502.284889]  p9_client_create+0xc6a/0x1230
[ 1502.285389]  ? p9_client_flush+0x430/0x430
[ 1502.285876]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.286372]  ? lockdep_init_map_type+0x2c7/0x780
[ 1502.286913]  ? __raw_spin_lock_init+0x36/0x110
[ 1502.287437]  v9fs_session_init+0x1dd/0x1680
[ 1502.287931]  ? lock_release+0x680/0x680
[ 1502.288393]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1502.288942]  ? v9fs_show_options+0x690/0x690
[ 1502.289457]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.289982]  ? kasan_unpoison_shadow+0x33/0x50
[ 1502.290507]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1502.291088]  v9fs_mount+0x79/0x8f0
[ 1502.291494]  ? v9fs_write_inode+0x60/0x60
[ 1502.291964]  legacy_get_tree+0x105/0x220
[ 1502.292429]  vfs_get_tree+0x8e/0x300
[ 1502.292858]  path_mount+0x1490/0x21e0
[ 1502.293304]  ? strncpy_from_user+0x9e/0x470
[ 1502.293833]  ? finish_automount+0xa90/0xa90
[ 1502.294326]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1502.294891]  ? _copy_from_user+0xfb/0x1b0
[ 1502.295371]  __x64_sys_mount+0x282/0x300
[ 1502.295831]  ? copy_mnt_ns+0xa00/0xa00
[ 1502.296278]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1502.296876]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1502.297468]  do_syscall_64+0x33/0x40
[ 1502.297891]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1502.298469] RIP: 0033:0x7faeaa885b19
[ 1502.298892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1502.300984] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1502.301859] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1502.302670] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1502.303487] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1502.304299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1502.305113] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:28 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa396, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:28 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x200000000000000)

20:43:28 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x9000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:28 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6800, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:28 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:29 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 55)

20:43:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa397, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:29 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7ca4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6c00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:29 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7400, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:29 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xa000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1502.544699] FAULT_INJECTION: forcing a failure.
[ 1502.544699] name failslab, interval 1, probability 0, space 0, times 0
[ 1502.547841] CPU: 0 PID: 31048 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1502.549580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1502.551685] Call Trace:
[ 1502.552350]  dump_stack+0x107/0x167
[ 1502.553257]  should_fail.cold+0x5/0xa
[ 1502.554227]  ? create_object.isra.0+0x3a/0xa30
[ 1502.555385]  should_failslab+0x5/0x20
[ 1502.556313]  kmem_cache_alloc+0x5b/0x310
[ 1502.557332]  ? lock_acquire+0x197/0x470
[ 1502.558322]  create_object.isra.0+0x3a/0xa30
[ 1502.559383]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1502.560677]  __kmalloc_track_caller+0x177/0x370
[ 1502.561842]  ? kstrdup_const+0x53/0x80
[ 1502.562810]  ? kasprintf+0xbb/0xf0
[ 1502.563671]  kstrdup+0x36/0x70
[ 1502.564454]  kstrdup_const+0x53/0x80
[ 1502.565383]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 1502.566641]  p9_client_create+0xc6a/0x1230
[ 1502.567686]  ? p9_client_flush+0x430/0x430
[ 1502.568719]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.569787]  ? lockdep_init_map_type+0x2c7/0x780
[ 1502.570941]  ? __raw_spin_lock_init+0x36/0x110
[ 1502.572063]  v9fs_session_init+0x1dd/0x1680
[ 1502.573116]  ? lock_release+0x680/0x680
[ 1502.574106]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1502.575288]  ? v9fs_show_options+0x690/0x690
[ 1502.576379]  ? trace_hardirqs_on+0x5b/0x180
[ 1502.577451]  ? kasan_unpoison_shadow+0x33/0x50
[ 1502.578569]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1502.579823]  v9fs_mount+0x79/0x8f0
[ 1502.580688]  ? v9fs_write_inode+0x60/0x60
[ 1502.581723]  legacy_get_tree+0x105/0x220
[ 1502.582730]  vfs_get_tree+0x8e/0x300
[ 1502.583644]  path_mount+0x1490/0x21e0
[ 1502.584584]  ? strncpy_from_user+0x9e/0x470
[ 1502.585660]  ? finish_automount+0xa90/0xa90
[ 1502.586723]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1502.587863]  ? _copy_from_user+0xfb/0x1b0
[ 1502.588881]  __x64_sys_mount+0x282/0x300
[ 1502.589887]  ? copy_mnt_ns+0xa00/0xa00
[ 1502.590842]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1502.592129]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1502.593442]  do_syscall_64+0x33/0x40
[ 1502.594419]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1502.595952] RIP: 0033:0x7faeaa885b19
[ 1502.597133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1502.602663] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1502.604804] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1502.606621] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1502.608623] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1502.610398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1502.612143] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa398, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf00000000000000)

20:43:29 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7400, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa399, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:29 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:29 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39a, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:29 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, 0x0, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:29 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x7400000000000000)

20:43:29 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7a00, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 56)

20:43:41 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7da4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:41 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x9effffff00000000)

20:43:41 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39b, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:41 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x96a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xb000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1514.835948] FAULT_INJECTION: forcing a failure.
[ 1514.835948] name failslab, interval 1, probability 0, space 0, times 0
[ 1514.838636] CPU: 1 PID: 31878 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1514.840202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1514.841996] Call Trace:
[ 1514.842559]  dump_stack+0x107/0x167
[ 1514.843333]  should_fail.cold+0x5/0xa
[ 1514.844155]  ? create_object.isra.0+0x3a/0xa30
[ 1514.845125]  should_failslab+0x5/0x20
[ 1514.845941]  kmem_cache_alloc+0x5b/0x310
[ 1514.846816]  create_object.isra.0+0x3a/0xa30
[ 1514.847745]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1514.848834]  kmem_cache_alloc+0x159/0x310
[ 1514.849728]  kmem_cache_create_usercopy+0x190/0x2f0
[ 1514.850814]  p9_client_create+0xc6a/0x1230
[ 1514.851701]  ? p9_client_flush+0x430/0x430
[ 1514.852600]  ? trace_hardirqs_on+0x5b/0x180
[ 1514.853531]  ? lockdep_init_map_type+0x2c7/0x780
[ 1514.854543]  ? __raw_spin_lock_init+0x36/0x110
[ 1514.855523]  v9fs_session_init+0x1dd/0x1680
[ 1514.856445]  ? lock_release+0x680/0x680
[ 1514.857301]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1514.858330]  ? v9fs_show_options+0x690/0x690
[ 1514.859270]  ? trace_hardirqs_on+0x5b/0x180
[ 1514.860185]  ? kasan_unpoison_shadow+0x33/0x50
[ 1514.861154]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1514.862244]  v9fs_mount+0x79/0x8f0
[ 1514.863003]  ? v9fs_write_inode+0x60/0x60
[ 1514.863882]  legacy_get_tree+0x105/0x220
[ 1514.864746]  vfs_get_tree+0x8e/0x300
[ 1514.865544]  path_mount+0x1490/0x21e0
[ 1514.866358]  ? strncpy_from_user+0x9e/0x470
[ 1514.867277]  ? finish_automount+0xa90/0xa90
[ 1514.868192]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1514.869182]  ? _copy_from_user+0xfb/0x1b0
[ 1514.870076]  __x64_sys_mount+0x282/0x300
[ 1514.870939]  ? copy_mnt_ns+0xa00/0xa00
[ 1514.871764]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1514.872872]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1514.873938]  do_syscall_64+0x33/0x40
[ 1514.874727]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1514.875810] RIP: 0033:0x7faeaa885b19
[ 1514.876597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1514.880518] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1514.882142] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1514.883660] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1514.885172] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1514.886698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1514.888221] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:41 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39d, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:41 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xf0ffffff00000000)

20:43:41 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:41 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:41 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39e, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:41 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1515.057871] 9pnet: Insufficient options for proto=fd
20:43:55 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7ea4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:55 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:55 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa39f, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:55 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xffffff7f00000000)

20:43:55 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:43:55 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 57)

20:43:55 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:43:55 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1529.087935] FAULT_INJECTION: forcing a failure.
[ 1529.087935] name failslab, interval 1, probability 0, space 0, times 0
[ 1529.089482] CPU: 1 PID: 32639 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1529.090386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.091469] Call Trace:
[ 1529.091816]  dump_stack+0x107/0x167
[ 1529.092291]  should_fail.cold+0x5/0xa
[ 1529.092787]  ? __kmem_cache_create+0x10e/0x520
[ 1529.093370]  should_failslab+0x5/0x20
[ 1529.093868]  kmem_cache_alloc_node+0x55/0x330
[ 1529.094497]  __kmem_cache_create+0x10e/0x520
[ 1529.095082]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1529.095757]  p9_client_create+0xc6a/0x1230
[ 1529.096309]  ? p9_client_flush+0x430/0x430
[ 1529.096591] 9pnet: Insufficient options for proto=fd
[ 1529.096857]  ? trace_hardirqs_on+0x5b/0x180
[ 1529.098645]  ? lockdep_init_map_type+0x2c7/0x780
[ 1529.099259]  ? __raw_spin_lock_init+0x36/0x110
[ 1529.099848]  v9fs_session_init+0x1dd/0x1680
[ 1529.100400]  ? lock_release+0x680/0x680
[ 1529.100918]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1529.101545]  ? v9fs_show_options+0x690/0x690
[ 1529.102124]  ? trace_hardirqs_on+0x5b/0x180
[ 1529.102679]  ? kasan_unpoison_shadow+0x33/0x50
[ 1529.103293]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1529.103943]  v9fs_mount+0x79/0x8f0
[ 1529.104406]  ? v9fs_write_inode+0x60/0x60
[ 1529.104943]  legacy_get_tree+0x105/0x220
[ 1529.105466]  vfs_get_tree+0x8e/0x300
[ 1529.105962]  path_mount+0x1490/0x21e0
[ 1529.106462]  ? strncpy_from_user+0x9e/0x470
[ 1529.107008]  ? finish_automount+0xa90/0xa90
[ 1529.107551]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1529.108154]  ? _copy_from_user+0xfb/0x1b0
[ 1529.108690]  __x64_sys_mount+0x282/0x300
[ 1529.109208]  ? copy_mnt_ns+0xa00/0xa00
[ 1529.109728]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.110397]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.111061]  do_syscall_64+0x33/0x40
[ 1529.111532]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1529.112193] RIP: 0033:0x7faeaa885b19
[ 1529.112678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.115049] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1529.116022] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1529.116936] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1529.117854] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1529.118781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1529.119701] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1529.120705] kmem_cache_create(9p-fcall-cache-390) failed with error -22
[ 1529.121580] CPU: 1 PID: 32639 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1529.122467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.123551] Call Trace:
[ 1529.123890]  dump_stack+0x107/0x167
[ 1529.124358]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1529.125052]  p9_client_create+0xc6a/0x1230
[ 1529.125603]  ? p9_client_flush+0x430/0x430
[ 1529.126148]  ? trace_hardirqs_on+0x5b/0x180
[ 1529.126717]  ? lockdep_init_map_type+0x2c7/0x780
[ 1529.127329]  ? __raw_spin_lock_init+0x36/0x110
[ 1529.127925]  v9fs_session_init+0x1dd/0x1680
[ 1529.128474]  ? lock_release+0x680/0x680
[ 1529.128990]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1529.129604]  ? v9fs_show_options+0x690/0x690
[ 1529.130177]  ? trace_hardirqs_on+0x5b/0x180
[ 1529.130726]  ? kasan_unpoison_shadow+0x33/0x50
[ 1529.131310]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1529.131962]  v9fs_mount+0x79/0x8f0
[ 1529.132414]  ? v9fs_write_inode+0x60/0x60
[ 1529.132947]  legacy_get_tree+0x105/0x220
[ 1529.133457]  vfs_get_tree+0x8e/0x300
[ 1529.133931]  path_mount+0x1490/0x21e0
[ 1529.134411]  ? strncpy_from_user+0x9e/0x470
[ 1529.134956]  ? finish_automount+0xa90/0xa90
[ 1529.135491]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1529.136079]  ? _copy_from_user+0xfb/0x1b0
[ 1529.136605]  __x64_sys_mount+0x282/0x300
[ 1529.137108]  ? copy_mnt_ns+0xa00/0xa00
[ 1529.137603]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.138262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.138905]  do_syscall_64+0x33/0x40
[ 1529.139373]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1529.140010] RIP: 0033:0x7faeaa885b19
[ 1529.140472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.142808] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1529.143768] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1529.144660] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1529.145557] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1529.146454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1529.147348] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:43:55 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:43:55 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0xfffffffffffff000)

20:43:55 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x98a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x99a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 58)

20:44:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7fa4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a1, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:12 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:44:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 3:
socket$netlink(0x10, 0x3, 0x15)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r1, r0, &(0x7f0000000040)=0xb, 0x80000001)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='map_files\x00')
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
getdents64(r2, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x4000}], 0x0, &(0x7f0000001500)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000100)=ANY=[], 0x10)
r5 = creat(&(0x7f00000000c0)='./file2\x00', 0x0)
r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(r6, &(0x7f0000000180)={[0x6]}, 0x8, 0x800)
fcntl$lock(r6, 0x24, &(0x7f0000000080)={0x2, 0x1, 0x1, 0xc})
write$binfmt_elf64(r5, &(0x7f0000000100)=ANY=[], 0xfdef)
sendfile(r3, r4, 0x0, 0x100000001)

[ 1545.657830] FAULT_INJECTION: forcing a failure.
[ 1545.657830] name failslab, interval 1, probability 0, space 0, times 0
[ 1545.660685] CPU: 1 PID: 33299 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1545.662355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1545.664358] Call Trace:
[ 1545.665004]  dump_stack+0x107/0x167
[ 1545.665903]  should_fail.cold+0x5/0xa
[ 1545.666835]  ? create_object.isra.0+0x3a/0xa30
[ 1545.667835]  should_failslab+0x5/0x20
[ 1545.668659]  kmem_cache_alloc+0x5b/0x310
[ 1545.669550]  create_object.isra.0+0x3a/0xa30
[ 1545.670522]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1545.671624]  kmem_cache_alloc_node+0x169/0x330
[ 1545.672627]  __kmem_cache_create+0x10e/0x520
[ 1545.673594]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1545.674693]  p9_client_create+0xc6a/0x1230
20:44:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x80a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1545.675621]  ? p9_client_flush+0x430/0x430
[ 1545.676738]  ? trace_hardirqs_on+0x5b/0x180
20:44:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e7, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1545.677701]  ? lockdep_init_map_type+0x2c7/0x780
[ 1545.678833]  ? __raw_spin_lock_init+0x36/0x110
[ 1545.679844]  v9fs_session_init+0x1dd/0x1680
[ 1545.680781]  ? lock_release+0x680/0x680
[ 1545.681660]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1545.682722]  ? v9fs_show_options+0x690/0x690
[ 1545.683686]  ? trace_hardirqs_on+0x5b/0x180
[ 1545.684630]  ? kasan_unpoison_shadow+0x33/0x50
[ 1545.685618]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1545.686741]  v9fs_mount+0x79/0x8f0
[ 1545.687517]  ? v9fs_write_inode+0x60/0x60
[ 1545.688420]  legacy_get_tree+0x105/0x220
[ 1545.689304]  vfs_get_tree+0x8e/0x300
[ 1545.690125]  path_mount+0x1490/0x21e0
[ 1545.690965]  ? strncpy_from_user+0x9e/0x470
[ 1545.691901]  ? finish_automount+0xa90/0xa90
[ 1545.692834]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1545.693848]  ? _copy_from_user+0xfb/0x1b0
[ 1545.694754]  __x64_sys_mount+0x282/0x300
[ 1545.695628]  ? copy_mnt_ns+0xa00/0xa00
[ 1545.696469]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1545.697601]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1545.698742]  do_syscall_64+0x33/0x40
[ 1545.699545]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1545.700652] RIP: 0033:0x7faeaa885b19
[ 1545.701458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1545.705451] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1545.707117] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1545.708667] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1545.710212] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1545.711757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1545.713301] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1545.719536] loop3: detected capacity change from 0 to 32768
20:44:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a2, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1545.740769] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
20:44:12 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9aa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x81a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e8, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:12 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:12 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 59)

[ 1545.929324] attempt to access beyond end of device
[ 1545.929324] loop3: rw=2049, want=126, limit=64
[ 1545.930693] buffer_io_error: 686 callbacks suppressed
[ 1545.930700] Buffer I/O error on dev loop3, logical block 125, lost async page write
[ 1546.074130] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[ 1546.083251] FAULT_INJECTION: forcing a failure.
[ 1546.083251] name failslab, interval 1, probability 0, space 0, times 0
[ 1546.085928] CPU: 1 PID: 34097 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1546.087415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1546.089199] Call Trace:
[ 1546.089776]  dump_stack+0x107/0x167
[ 1546.090556]  should_fail.cold+0x5/0xa
[ 1546.091370]  ? create_object.isra.0+0x3a/0xa30
[ 1546.092342]  should_failslab+0x5/0x20
[ 1546.093152]  kmem_cache_alloc+0x5b/0x310
[ 1546.094026]  create_object.isra.0+0x3a/0xa30
[ 1546.094972]  kmemleak_alloc_percpu+0xa0/0x100
[ 1546.095937]  pcpu_alloc+0x4e2/0x1240
[ 1546.096753]  __kmem_cache_create+0x35a/0x520
[ 1546.097711]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1546.098784]  p9_client_create+0xc6a/0x1230
[ 1546.099696]  ? p9_client_flush+0x430/0x430
[ 1546.100597]  ? trace_hardirqs_on+0x5b/0x180
[ 1546.101519]  ? lockdep_init_map_type+0x2c7/0x780
[ 1546.102539]  ? __raw_spin_lock_init+0x36/0x110
[ 1546.103517]  v9fs_session_init+0x1dd/0x1680
[ 1546.104436]  ? lock_release+0x680/0x680
[ 1546.105291]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1546.106328]  ? v9fs_show_options+0x690/0x690
[ 1546.107275]  ? trace_hardirqs_on+0x5b/0x180
[ 1546.108200]  ? kasan_unpoison_shadow+0x33/0x50
[ 1546.109169]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1546.110261]  v9fs_mount+0x79/0x8f0
[ 1546.111021]  ? v9fs_write_inode+0x60/0x60
[ 1546.111901]  legacy_get_tree+0x105/0x220
[ 1546.112765]  vfs_get_tree+0x8e/0x300
[ 1546.113558]  path_mount+0x1490/0x21e0
[ 1546.114379]  ? strncpy_from_user+0x9e/0x470
[ 1546.115299]  ? finish_automount+0xa90/0xa90
[ 1546.116216]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1546.117205]  ? _copy_from_user+0xfb/0x1b0
[ 1546.118113]  __x64_sys_mount+0x282/0x300
[ 1546.118975]  ? copy_mnt_ns+0xa00/0xa00
[ 1546.119806]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1546.120918]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1546.122023]  do_syscall_64+0x33/0x40
[ 1546.122811]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1546.123901] RIP: 0033:0x7faeaa885b19
[ 1546.124689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1546.128590] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1546.130219] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1546.131737] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1546.133249] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1546.134766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1546.136273] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:44:26 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 60)

20:44:26 executing program 3:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

20:44:26 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x82a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3e9, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ba6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:26 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

[ 1559.853397] FAULT_INJECTION: forcing a failure.
[ 1559.853397] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.855453] CPU: 0 PID: 34113 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1559.856608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1559.857988] Call Trace:
[ 1559.858434]  dump_stack+0x107/0x167
[ 1559.859043]  should_fail.cold+0x5/0xa
[ 1559.859690]  ? create_object.isra.0+0x3a/0xa30
[ 1559.860452]  should_failslab+0x5/0x20
[ 1559.861098]  kmem_cache_alloc+0x5b/0x310
[ 1559.861782]  ? mark_held_locks+0x9e/0xe0
[ 1559.862464]  create_object.isra.0+0x3a/0xa30
[ 1559.863203]  kmemleak_alloc_percpu+0xa0/0x100
[ 1559.863960]  pcpu_alloc+0x4e2/0x1240
[ 1559.864593]  __kmem_cache_create+0x35a/0x520
[ 1559.865335]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1559.866198]  p9_client_create+0xc6a/0x1230
[ 1559.866915]  ? p9_client_flush+0x430/0x430
[ 1559.867627]  ? trace_hardirqs_on+0x5b/0x180
[ 1559.868347]  ? lockdep_init_map_type+0x2c7/0x780
[ 1559.869138]  ? __raw_spin_lock_init+0x36/0x110
[ 1559.869920]  v9fs_session_init+0x1dd/0x1680
[ 1559.870639]  ? lock_release+0x680/0x680
[ 1559.871317]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1559.872126]  ? v9fs_show_options+0x690/0x690
[ 1559.872870]  ? trace_hardirqs_on+0x5b/0x180
[ 1559.873595]  ? kasan_unpoison_shadow+0x33/0x50
[ 1559.874363]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1559.875214]  v9fs_mount+0x79/0x8f0
[ 1559.875820]  ? v9fs_write_inode+0x60/0x60
[ 1559.876520]  legacy_get_tree+0x105/0x220
[ 1559.877200]  vfs_get_tree+0x8e/0x300
[ 1559.877829]  path_mount+0x1490/0x21e0
[ 1559.878473]  ? strncpy_from_user+0x9e/0x470
[ 1559.879201]  ? finish_automount+0xa90/0xa90
[ 1559.879921]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1559.880707]  ? _copy_from_user+0xfb/0x1b0
[ 1559.881405]  __x64_sys_mount+0x282/0x300
[ 1559.882107]  ? copy_mnt_ns+0xa00/0xa00
[ 1559.882765]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1559.883643]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1559.884502]  do_syscall_64+0x33/0x40
[ 1559.885125]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1559.885974] RIP: 0033:0x7faeaa885b19
[ 1559.886590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.889642] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1559.890925] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1559.892105] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1559.893298] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1559.894481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1559.895669] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:44:26 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3a5, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:26 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xf6100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3ea, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 3:
r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r0, 0xd, &(0x7f0000001a40)=""/180)
shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x6000)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x2a, 0x1, 0x3, 0x0, {0xa}}, 0xfffffffffffffe8d}}, 0x0)

20:44:26 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x83a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:26 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:44:40 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:44:40 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ca6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:40 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x84a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa4a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:40 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 61)

20:44:40 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:40 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3eb, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:40 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x54, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

[ 1573.572089] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=34881 comm=syz-executor.3
[ 1573.584173] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=34881 comm=syz-executor.3
20:44:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa5a3, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1573.603445] FAULT_INJECTION: forcing a failure.
[ 1573.603445] name failslab, interval 1, probability 0, space 0, times 0
[ 1573.606057] CPU: 0 PID: 34905 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1573.607563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1573.609362] Call Trace:
[ 1573.609946]  dump_stack+0x107/0x167
[ 1573.610740]  should_fail.cold+0x5/0xa
[ 1573.611566]  should_failslab+0x5/0x20
[ 1573.612390]  __kmalloc_track_caller+0x79/0x370
[ 1573.613378]  ? kstrdup_const+0x53/0x80
[ 1573.614234]  kstrdup+0x36/0x70
[ 1573.614928]  kstrdup_const+0x53/0x80
[ 1573.615741]  kvasprintf_const+0x10c/0x1a0
[ 1573.616643]  kobject_set_name_vargs+0x56/0x150
[ 1573.617636]  kobject_init_and_add+0xc9/0x160
[ 1573.618600]  ? kobject_create_and_add+0xb0/0xb0
[ 1573.619612]  ? wait_for_completion_io+0x270/0x270
[ 1573.620654]  ? kernfs_name_hash+0xe7/0x110
[ 1573.621571]  ? kernfs_find_ns+0x256/0x380
[ 1573.622502]  sysfs_slab_add+0x172/0x200
[ 1573.623385]  __kmem_cache_create+0x3db/0x520
[ 1573.624337]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1573.625425]  p9_client_create+0xc6a/0x1230
[ 1573.626360]  ? p9_client_flush+0x430/0x430
[ 1573.627274]  ? trace_hardirqs_on+0x5b/0x180
[ 1573.628206]  ? lockdep_init_map_type+0x2c7/0x780
[ 1573.629226]  ? __raw_spin_lock_init+0x36/0x110
[ 1573.630235]  v9fs_session_init+0x1dd/0x1680
[ 1573.631169]  ? lock_release+0x680/0x680
[ 1573.632039]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1573.633084]  ? v9fs_show_options+0x690/0x690
[ 1573.634057]  ? trace_hardirqs_on+0x5b/0x180
[ 1573.634992]  ? kasan_unpoison_shadow+0x33/0x50
[ 1573.635981]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1573.637081]  v9fs_mount+0x79/0x8f0
[ 1573.637854]  ? v9fs_write_inode+0x60/0x60
[ 1573.638759]  legacy_get_tree+0x105/0x220
[ 1573.639639]  vfs_get_tree+0x8e/0x300
[ 1573.640445]  path_mount+0x1490/0x21e0
[ 1573.641275]  ? strncpy_from_user+0x9e/0x470
[ 1573.642219]  ? finish_automount+0xa90/0xa90
[ 1573.643154]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1573.644159]  ? _copy_from_user+0xfb/0x1b0
[ 1573.645061]  __x64_sys_mount+0x282/0x300
[ 1573.645954]  ? copy_mnt_ns+0xa00/0xa00
[ 1573.646800]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1573.647936]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1573.649086]  do_syscall_64+0x33/0x40
[ 1573.649896]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1573.651032] RIP: 0033:0x7faeaa885b19
[ 1573.651847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1573.655852] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1573.657504] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1573.659061] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1573.660610] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1573.662170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1573.663714] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1573.665348] kobject: can not set name properly!
[ 1573.666463] kmem_cache_create(9p-fcall-cache-394) failed with error -12
[ 1573.667945] CPU: 0 PID: 34905 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1573.669435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1573.671245] Call Trace:
[ 1573.671814]  dump_stack+0x107/0x167
[ 1573.672609]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1573.673751]  p9_client_create+0xc6a/0x1230
[ 1573.674683]  ? p9_client_flush+0x430/0x430
[ 1573.675599]  ? trace_hardirqs_on+0x5b/0x180
[ 1573.676531]  ? lockdep_init_map_type+0x2c7/0x780
[ 1573.677553]  ? __raw_spin_lock_init+0x36/0x110
[ 1573.678560]  v9fs_session_init+0x1dd/0x1680
[ 1573.679489]  ? lock_release+0x680/0x680
[ 1573.680357]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1573.681401]  ? v9fs_show_options+0x690/0x690
[ 1573.682397]  ? trace_hardirqs_on+0x5b/0x180
[ 1573.683348]  ? kasan_unpoison_shadow+0x33/0x50
[ 1573.684336]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1573.685435]  v9fs_mount+0x79/0x8f0
[ 1573.686233]  ? v9fs_write_inode+0x60/0x60
[ 1573.687146]  legacy_get_tree+0x105/0x220
[ 1573.688028]  vfs_get_tree+0x8e/0x300
[ 1573.688840]  path_mount+0x1490/0x21e0
[ 1573.689668]  ? strncpy_from_user+0x9e/0x470
[ 1573.690610]  ? finish_automount+0xa90/0xa90
[ 1573.691544]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1573.692554]  ? _copy_from_user+0xfb/0x1b0
[ 1573.693460]  __x64_sys_mount+0x282/0x300
[ 1573.694348]  ? copy_mnt_ns+0xa00/0xa00
[ 1573.695193]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1573.696328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1573.697447]  do_syscall_64+0x33/0x40
[ 1573.698263]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1573.699377] RIP: 0033:0x7faeaa885b19
[ 1573.700181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1573.704174] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1573.705822] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1573.707376] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1573.708918] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1573.710473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1573.712035] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:44:53 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xffffe000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001900010000000000000000010af307343b1777f06897000000"], 0x14}}, 0x20048041)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f0000000040)=0xb, 0x80000001)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000140)={0x0, 0xfffffffffffffffd, 0x80, 0x1})
openat(r1, &(0x7f0000000040)='./file0\x00', 0x301000, 0x80)

20:44:53 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:44:53 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 62)

20:44:53 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:53 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x85a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9da6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3ec, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfeff, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1587.034798] FAULT_INJECTION: forcing a failure.
[ 1587.034798] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.037492] CPU: 1 PID: 35300 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1587.039047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.040878] Call Trace:
[ 1587.041478]  dump_stack+0x107/0x167
[ 1587.042333]  should_fail.cold+0x5/0xa
[ 1587.043196]  ? create_object.isra.0+0x3a/0xa30
[ 1587.044241]  should_failslab+0x5/0x20
[ 1587.045105]  kmem_cache_alloc+0x5b/0x310
[ 1587.046022]  ? lock_release+0x680/0x680
[ 1587.046963]  create_object.isra.0+0x3a/0xa30
[ 1587.047945]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1587.049089]  __kmalloc_track_caller+0x177/0x370
[ 1587.050142]  ? kstrdup_const+0x53/0x80
[ 1587.051037]  kstrdup+0x36/0x70
[ 1587.051781]  kstrdup_const+0x53/0x80
[ 1587.052623]  kvasprintf_const+0x10c/0x1a0
[ 1587.053596]  kobject_set_name_vargs+0x56/0x150
[ 1587.054639]  kobject_init_and_add+0xc9/0x160
[ 1587.055648]  ? kobject_create_and_add+0xb0/0xb0
[ 1587.056741]  ? wait_for_completion_io+0x270/0x270
[ 1587.057834]  ? kernfs_name_hash+0xe7/0x110
[ 1587.058837]  ? kernfs_find_ns+0x256/0x380
[ 1587.059822]  sysfs_slab_add+0x172/0x200
[ 1587.060716]  __kmem_cache_create+0x3db/0x520
[ 1587.061759]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1587.062955]  p9_client_create+0xc6a/0x1230
[ 1587.063912]  ? p9_client_flush+0x430/0x430
[ 1587.064882]  ? trace_hardirqs_on+0x5b/0x180
[ 1587.065849]  ? lockdep_init_map_type+0x2c7/0x780
[ 1587.066928]  ? __raw_spin_lock_init+0x36/0x110
[ 1587.067971]  v9fs_session_init+0x1dd/0x1680
[ 1587.068941]  ? lock_release+0x680/0x680
[ 1587.069840]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1587.070937]  ? v9fs_show_options+0x690/0x690
20:44:53 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xff30, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

[ 1587.071972]  ? trace_hardirqs_on+0x5b/0x180
[ 1587.073202]  ? kasan_unpoison_shadow+0x33/0x50
[ 1587.074246]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1587.075385]  v9fs_mount+0x79/0x8f0
[ 1587.076216]  ? v9fs_write_inode+0x60/0x60
[ 1587.077159]  legacy_get_tree+0x105/0x220
[ 1587.078124]  vfs_get_tree+0x8e/0x300
[ 1587.079007]  path_mount+0x1490/0x21e0
[ 1587.079903]  ? strncpy_from_user+0x9e/0x470
[ 1587.080913]  ? finish_automount+0xa90/0xa90
[ 1587.081925]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1587.082989]  ? _copy_from_user+0xfb/0x1b0
[ 1587.083930]  __x64_sys_mount+0x282/0x300
[ 1587.084840]  ? copy_mnt_ns+0xa00/0xa00
[ 1587.085712]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1587.086903]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.088121]  do_syscall_64+0x33/0x40
[ 1587.088970]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1587.090129] RIP: 0033:0x7faeaa885b19
[ 1587.090961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.095102] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1587.096808] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1587.098424] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1587.100021] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1587.101632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1587.103310] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:44:53 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3ed, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x86a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffe, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:53 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC=r3, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r4, 0x5450)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:44:53 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x13)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x50, 0x3, 0x7, 0x3, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x6}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfff}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4008040}, 0x4)

20:44:53 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:44:53 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xffffff8c, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3ee, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:44:53 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9ea6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:08 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x44800)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x2, 0x8, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)

20:45:08 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x87a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:08 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9fa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:08 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xfffffff6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:08 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 63)

20:45:08 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:45:08 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:45:08 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3ef, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1602.392740] FAULT_INJECTION: forcing a failure.
[ 1602.392740] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.395203] CPU: 1 PID: 36302 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1602.396674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.398478] Call Trace:
[ 1602.399042]  dump_stack+0x107/0x167
[ 1602.399817]  should_fail.cold+0x5/0xa
[ 1602.400636]  should_failslab+0x5/0x20
[ 1602.401448]  __kmalloc_track_caller+0x79/0x370
[ 1602.402432]  ? kstrdup_const+0x53/0x80
[ 1602.403267]  kstrdup+0x36/0x70
[ 1602.403956]  kstrdup_const+0x53/0x80
[ 1602.404744]  __kernfs_new_node+0x9d/0x860
[ 1602.405628]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1602.406641]  ? lock_acquire+0x197/0x470
[ 1602.407463]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1602.408545]  ? lock_release+0x680/0x680
[ 1602.409356]  ? find_held_lock+0x2c/0x110
[ 1602.410212]  kernfs_new_node+0x18d/0x250
[ 1602.411055]  kernfs_create_dir_ns+0x49/0x160
[ 1602.411967]  sysfs_create_dir_ns+0x127/0x290
[ 1602.412870]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1602.413847]  ? rwlock_bug.part.0+0x90/0x90
[ 1602.414728]  ? do_raw_spin_unlock+0x4f/0x220
[ 1602.415638]  kobject_add_internal+0x25e/0xa30
[ 1602.416568]  kobject_init_and_add+0x101/0x160
[ 1602.417491]  ? kobject_create_and_add+0xb0/0xb0
[ 1602.418461]  ? wait_for_completion_io+0x270/0x270
[ 1602.419447]  ? kernfs_name_hash+0xe7/0x110
[ 1602.420324]  ? kernfs_find_ns+0x256/0x380
[ 1602.421183]  sysfs_slab_add+0x172/0x200
[ 1602.421994]  __kmem_cache_create+0x3db/0x520
[ 1602.422907]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1602.423938]  p9_client_create+0xc6a/0x1230
[ 1602.424815]  ? p9_client_flush+0x430/0x430
[ 1602.425684]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 1602.426735]  ? lockdep_init_map_type+0x2c7/0x780
[ 1602.427711]  ? __raw_spin_lock_init+0x36/0x110
[ 1602.428658]  v9fs_session_init+0x1dd/0x1680
[ 1602.429550]  ? lock_release+0x680/0x680
[ 1602.430383]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1602.431375]  ? v9fs_show_options+0x690/0x690
[ 1602.432284]  ? trace_hardirqs_on+0x5b/0x180
[ 1602.433176]  ? kasan_unpoison_shadow+0x33/0x50
[ 1602.434109]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1602.435163]  v9fs_mount+0x79/0x8f0
[ 1602.435890]  ? v9fs_write_inode+0x60/0x60
[ 1602.436740]  legacy_get_tree+0x105/0x220
[ 1602.437569]  vfs_get_tree+0x8e/0x300
[ 1602.438341]  path_mount+0x1490/0x21e0
[ 1602.439116]  ? strncpy_from_user+0x9e/0x470
[ 1602.440007]  ? finish_automount+0xa90/0xa90
[ 1602.440887]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1602.441824]  ? _copy_from_user+0xfb/0x1b0
[ 1602.442679]  __x64_sys_mount+0x282/0x300
[ 1602.443511]  ? copy_mnt_ns+0xa00/0xa00
[ 1602.444307]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.445389]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.446499]  do_syscall_64+0x33/0x40
[ 1602.447393]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1602.448650] RIP: 0033:0x7faeaa885b19
[ 1602.449403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.453176] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1602.454727] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1602.456185] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1602.457644] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1602.459102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.460566] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
[ 1602.463854] kobject_add_internal failed for 9p-fcall-cache-396 (error: -12 parent: slab)
[ 1602.465769] kmem_cache_create(9p-fcall-cache-396) failed with error -12
[ 1602.467161] CPU: 1 PID: 36302 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1602.468557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.470243] Call Trace:
[ 1602.470769]  dump_stack+0x107/0x167
[ 1602.471505]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 1602.472567]  p9_client_create+0xc6a/0x1230
[ 1602.473436]  ? p9_client_flush+0x430/0x430
[ 1602.474295]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 1602.475319]  ? lockdep_init_map_type+0x2c7/0x780
[ 1602.476276]  ? __raw_spin_lock_init+0x36/0x110
[ 1602.477214]  v9fs_session_init+0x1dd/0x1680
[ 1602.478095]  ? lock_release+0x680/0x680
[ 1602.478919]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1602.479895]  ? v9fs_show_options+0x690/0x690
[ 1602.480791]  ? trace_hardirqs_on+0x5b/0x180
[ 1602.481672]  ? kasan_unpoison_shadow+0x33/0x50
[ 1602.482591]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1602.483624]  v9fs_mount+0x79/0x8f0
[ 1602.484336]  ? v9fs_write_inode+0x60/0x60
[ 1602.485166]  legacy_get_tree+0x105/0x220
[ 1602.485981]  vfs_get_tree+0x8e/0x300
[ 1602.486753]  path_mount+0x1490/0x21e0
[ 1602.487528]  ? strncpy_from_user+0x9e/0x470
[ 1602.488398]  ? finish_automount+0xa90/0xa90
[ 1602.489265]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1602.490184]  ? _copy_from_user+0xfb/0x1b0
[ 1602.491035]  __x64_sys_mount+0x282/0x300
[ 1602.491840]  ? copy_mnt_ns+0xa00/0xa00
[ 1602.492622]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.493662]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.494698]  do_syscall_64+0x33/0x40
[ 1602.495467]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1602.496566] RIP: 0033:0x7faeaa885b19
[ 1602.497302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.500979] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1602.502558] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1602.503965] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1602.505381] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1602.506804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.508230] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:45:09 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:45:09 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f0000000040)=0xb, 0x80000001)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0x13, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x19, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

20:45:09 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:45:09 executing program 5:
syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x88a4, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:09 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x640c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3365, &(0x7f0000000080)={0x0, 0x400000, 0x0, 0x3}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680))
r0 = syz_io_uring_setup(0x782e, &(0x7f0000000580), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7fab, 0xf6fa, 0x3, &(0x7f0000000640)={[0x1]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index}, 0x8)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={r0, 0x20, 0x2, 0x20})
syz_io_uring_setup(0x2a77, &(0x7f0000000340)={0x0, 0x2000000, 0x2, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001a2344346e04c95e9589282212bd1e9d6642adb58b32821e4af45d2ab7f902ddea9755b18aa680e7c106009e78566078ba9b02b02d1a2820b3076bb2e61d13892c02eaf8482a6755498fd90fda973b81eb6ee65cf3fd9ff12701df018069ebb75b606a57453040c7883255fa7c3fcd1775365c87ec99eb41defe8e923d829b2cd777def17bf903923a0d40c02882fee740234af3ca6e6c71df8892754b5ce4a68653e1663f758b3a0342115a92345b6f48d8a66721716a30c327bc9e4ec672d6cb6641a1b706caf6eb8cfca71a", @ANYRESDEC, @ANYBLOB="000827bd7000fddbc408df254400040008007e0e85a7c346346de2531e14570d41e0517a75f8636c713adfa72795e28aff7ae1dccca0ef3c95c0c3602620b639b787c6b23a26d44f959aa5bb6733282665fe87529f501790a30d15d6165a13dadd06a07ba510f58da11f305115d7063032acc30b14829eaac814990386175e5cdc0fd73243ee830f8e65fd2946462eed", @ANYRES32=0x0, @ANYBLOB="0c009900ff0700006e000000040092d5ecbd2b3d1911fa7cf6cf2fd7544b0c4dbb2db482bf0008"], 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x240000d0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$FIONCLEX(r3, 0x5450)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x61d69414}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58af, 0x0, 0x2, 0x0, 0x0)

20:45:09 executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3f0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:09 executing program 3:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xe8, 0x19, 0x1, 0x0, 0x0, {0xa}, [@nested={0xd3, 0x15a9, 0x0, 0x1, [@typed={0x93, 0x39, 0x0, 0x0, @str='P\xa9Dr\xb6\xcf`I\xb1\x16\r\xb8 \xd7\x87\xb9j\x9c\xed8k\xbb\xfa\x00\xd9\x7f\x00\xd7\xe8!\xca\xb9\f\x19\xe0\xf8\xfan\xa5\x84s\xe94\xe7?\xa5\xbb\xdd\xca)\xc2v\xeb\f\n\xe2=\x80kwu\xb5\xf2D\x02<\x9f-\xac\x8e\x00\'\x89\x18\x85\xf6|/\x00\xc5j\xc9K\xc6\x8fJ\x99\x16\xb8\xd1*\x01a\xed\xe1\x91\xa1\x8f\xf0\x16k\xab\a<g\xcf\n\x8bgM\xe4\x86\xa5=\x0e\xe6:B\x91\xc4PARV]\xfd5Z\x1d\xdbv(v\xf3i\r\v\x00\x00\x00\x00\x00\x00'}, @typed={0x14, 0x77, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}}, @generic="0ec8826e2d649e218eb4edaab77311c3e8653033a35b16eea9db1abc7b11c611e3ca5fb64fefa6"]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x30, r0, 0xda65a000)
sendfile(r1, r0, &(0x7f0000000040)=0xb, 0x80000001)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f00000003c0)={0x10, 0x0, {0x4, @usage, 0x0, 0x7, 0x7, 0x2, 0x6, 0x1, 0xc8, @usage=0xc5, 0x1ff, 0x1, [0x20, 0xff, 0xd9f, 0x6, 0x0, 0x1]}, {0x1, @usage=0x100, 0x0, 0x7, 0x7, 0x9, 0x81, 0x9, 0x49b, @usage=0x1, 0x7, 0xffffffff, [0x6, 0x100000000, 0x1, 0x8, 0x4, 0x789]}, {0x7, @usage=0x4, 0x0, 0x3, 0x2, 0x1, 0x20, 0xfb07, 0x44, @usage=0xffffffffffffffff, 0x7, 0x5, [0x8001, 0x7f8b, 0x0, 0x8000, 0x1, 0x5]}, {0x5, 0x3f, 0x5}})
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x26}, @val={0x8}, @void}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000040)

20:45:09 executing program 2:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}}) (fail_nth: 64)

20:45:09 executing program 6:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa0a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}]}})

20:45:09 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@msize={'msize', 0x3d, 0x2000007}}, {@cache_none}, {@version_L}]}})

20:45:09 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mount$9p_fd(0xedc000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x2000007}}]}})

[ 1602.767139] FAULT_INJECTION: forcing a failure.
[ 1602.767139] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.769339] CPU: 1 PID: 36792 Comm: syz-executor.2 Not tainted 5.10.245 #1
[ 1602.770571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.772052] Call Trace:
[ 1602.772528]  dump_stack+0x107/0x167
[ 1602.773176]  should_fail.cold+0x5/0xa
[ 1602.773857]  ? create_object.isra.0+0x3a/0xa30
[ 1602.774677]  should_failslab+0x5/0x20
[ 1602.775356]  kmem_cache_alloc+0x5b/0x310
[ 1602.776072]  create_object.isra.0+0x3a/0xa30
[ 1602.776839]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1602.777735]  __kmalloc_track_caller+0x177/0x370
[ 1602.778553]  ? kstrdup_const+0x53/0x80
[ 1602.779239]  kstrdup+0x36/0x70
[ 1602.779801]  kstrdup_const+0x53/0x80
[ 1602.780454]  __kernfs_new_node+0x9d/0x860
[ 1602.781185]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1602.782025]  ? lock_acquire+0x197/0x470
[ 1602.782725]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1602.783646]  ? lock_release+0x680/0x680
[ 1602.784344]  ? find_held_lock+0x2c/0x110
[ 1602.785061]  kernfs_new_node+0x18d/0x250
[ 1602.785780]  kernfs_create_dir_ns+0x49/0x160
[ 1602.786560]  sysfs_create_dir_ns+0x127/0x290
[ 1602.787329]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1602.788171]  ? rwlock_bug.part.0+0x90/0x90
[ 1602.788916]  ? do_raw_spin_unlock+0x4f/0x220
[ 1602.789696]  kobject_add_internal+0x25e/0xa30
[ 1602.790501]  kobject_init_and_add+0x101/0x160
[ 1602.791290]  ? kobject_create_and_add+0xb0/0xb0
[ 1602.792103]  ? wait_for_completion_io+0x270/0x270
[ 1602.792947]  ? kernfs_name_hash+0xe7/0x110
[ 1602.793674]  ? kernfs_find_ns+0x256/0x380
[ 1602.794411]  sysfs_slab_add+0x172/0x200
[ 1602.795098]  __kmem_cache_create+0x3db/0x520
[ 1602.795866]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 1602.796744]  p9_client_create+0xc6a/0x1230
[ 1602.797492]  ? p9_client_flush+0x430/0x430
[ 1602.798234]  ? trace_hardirqs_on+0x5b/0x180
[ 1602.798990]  ? lockdep_init_map_type+0x2c7/0x780
[ 1602.799814]  ? __raw_spin_lock_init+0x36/0x110
[ 1602.800606]  v9fs_session_init+0x1dd/0x1680
[ 1602.801351]  ? lock_release+0x680/0x680
[ 1602.802044]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1602.802874]  ? v9fs_show_options+0x690/0x690
[ 1602.803637]  ? trace_hardirqs_on+0x5b/0x180
[ 1602.804377]  ? kasan_unpoison_shadow+0x33/0x50
[ 1602.805161]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1602.806035]  v9fs_mount+0x79/0x8f0
[ 1602.806660]  ? v9fs_write_inode+0x60/0x60
[ 1602.807373]  legacy_get_tree+0x105/0x220
[ 1602.808073]  vfs_get_tree+0x8e/0x300
[ 1602.808713]  path_mount+0x1490/0x21e0
[ 1602.809365]  ? strncpy_from_user+0x9e/0x470
[ 1602.810101]  ? finish_automount+0xa90/0xa90
[ 1602.810873]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1602.811684]  ? _copy_from_user+0xfb/0x1b0
[ 1602.812397]  __x64_sys_mount+0x282/0x300
[ 1602.813087]  ? copy_mnt_ns+0xa00/0xa00
[ 1602.813752]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.814644]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.815522]  do_syscall_64+0x33/0x40
[ 1602.816152]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1602.817021] RIP: 0033:0x7faeaa885b19
[ 1602.817649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.820786] RSP: 002b:00007faea7dfb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1602.822083] RAX: ffffffffffffffda RBX: 00007faeaa998f60 RCX: 00007faeaa885b19
[ 1602.823300] RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1602.824494] RBP: 00007faea7dfb1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1602.825684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.826878] R13: 00007ffcbb1c0f9f R14: 00007faea7dfb300 R15: 0000000000022000
20:45:09 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000019000100"/20], 0x14}}, 0x0)

[ 1615.482399] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff888008d0b340 (size 32):
  comm "syz-executor.2", pid 36302, jiffies 4296269303 (age 21.056s)
  hex dump (first 32 bytes):
    39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 33  9p-fcall-cache-3
    39 36 00 08 80 88 ff ff 00 00 00 00 00 00 00 00  96..............
  backtrace:
    [<0000000071705c8a>] kstrdup+0x36/0x70
    [<000000005cab68e1>] kstrdup_const+0x53/0x80
    [<000000008e37f0de>] kvasprintf_const+0x10c/0x1a0
    [<000000008854146a>] kobject_set_name_vargs+0x56/0x150
    [<00000000d863dd5f>] kobject_init_and_add+0xc9/0x160
    [<00000000f925b94e>] sysfs_slab_add+0x172/0x200
    [<000000004baca4cc>] __kmem_cache_create+0x3db/0x520
    [<0000000010a3d705>] kmem_cache_create_usercopy+0x1db/0x2f0
    [<00000000c310b977>] p9_client_create+0xc6a/0x1230
    [<00000000dc9c8321>] v9fs_session_init+0x1dd/0x1680
    [<000000000e72a373>] v9fs_mount+0x79/0x8f0
    [<00000000c29d2227>] legacy_get_tree+0x105/0x220
    [<00000000116cace6>] vfs_get_tree+0x8e/0x300
    [<000000002c314a07>] path_mount+0x1490/0x21e0
    [<0000000039cf9a2e>] __x64_sys_mount+0x282/0x300
    [<00000000be477830>] do_syscall_64+0x33/0x40

BUG: leak checking failed

VM DIAGNOSIS:
20:45:30  Registers:
info registers vcpu 0
RAX=ffffffff83e989f0 RBX=0000000000000000 RCX=ffffffff83e8065c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e991b8 RBP=0000000000000000 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85679f88 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e989fe RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe3bcda440 CR3=000000001a232000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=3a29323320657a697328203034336230 XMM03=363320646970202c22322e726f747563
XMM04=6c6c6163662d70392020333320643220 XMM05=32206336206336203136203336203636
XMM06=73657479622032332074737269662820 XMM07=2e313220656761282033303339363236
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff83e989f0 RBX=0000000000000001 RCX=ffffffff83e8065c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e991b8 RBP=0000000000000001 RSP=ffff888008987e70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85679f88 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e989fe RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f88880fd020 CR3=0000000008dae000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000418aaf89c0000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000