x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

[ 2268.055161] 9pnet: Insufficient options for proto=fd
17:37:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(0x0, 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:01 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
sendfile(r2, r1, 0x0, 0x40)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)=[&(0x7f0000000040)='\x00'], &(0x7f0000000380)=[&(0x7f0000000100)='\x00', &(0x7f0000000140)='\x00', &(0x7f0000000180)='[\\}]\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)='\xa7(^:^.:\x00', &(0x7f0000000240)=',@%\x00', &(0x7f00000002c0)='%\x00', &(0x7f0000000300)=',\x00', &(0x7f0000000340)='\x00'], 0x1000)

17:37:01 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:01 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 17)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:01 executing program 2:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:01 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:01 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2268.280476] FAULT_INJECTION: forcing a failure.
[ 2268.280476] name failslab, interval 1, probability 0, space 0, times 0
[ 2268.283279] CPU: 1 PID: 25302 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2268.284905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2268.286768] Call Trace:
[ 2268.287383]  dump_stack+0x107/0x167
[ 2268.288221]  should_fail.cold+0x5/0xa
[ 2268.289089]  ? create_object.isra.0+0x3a/0xa30
[ 2268.290123]  should_failslab+0x5/0x20
[ 2268.290983]  kmem_cache_alloc+0x5b/0x310
[ 2268.291902]  create_object.isra.0+0x3a/0xa30
[ 2268.292920]  kmemleak_alloc_percpu+0xa0/0x100
[ 2268.293936]  pcpu_alloc+0x4e2/0x1240
[ 2268.294796]  ? io_async_queue_proc+0x80/0x80
[ 2268.295788]  percpu_ref_init+0x31/0x3d0
[ 2268.296698]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2268.297919]  io_uring_setup+0x14f6/0x2980
[ 2268.298869]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2268.300005]  ? wait_for_completion_io+0x270/0x270
[ 2268.301157]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2268.302339]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2268.303501]  do_syscall_64+0x33/0x40
[ 2268.304351]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2268.305507] RIP: 0033:0x7fea1df7ab19
[ 2268.306343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2268.310488] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2268.312203] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2268.313805] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2268.315407] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2268.317030] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2268.318659] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:37:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:01 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:16 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfTno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:37:16 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB='ile1\x00'])
sendfile(r0, r1, 0x0, 0x100000001)

17:37:16 executing program 2:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:16 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 18)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:16 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:16 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:16 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2283.169453] 9pnet: Insufficient options for proto=fd
[ 2283.178504] FAULT_INJECTION: forcing a failure.
[ 2283.178504] name failslab, interval 1, probability 0, space 0, times 0
[ 2283.181410] CPU: 1 PID: 25351 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2283.182873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2283.184635] Call Trace:
[ 2283.185198]  dump_stack+0x107/0x167
[ 2283.185975]  should_fail.cold+0x5/0xa
[ 2283.186794]  ? percpu_ref_init+0xd8/0x3d0
[ 2283.187669]  should_failslab+0x5/0x20
[ 2283.188490]  kmem_cache_alloc_trace+0x55/0x320
[ 2283.189462]  ? io_async_queue_proc+0x80/0x80
[ 2283.190386]  percpu_ref_init+0xd8/0x3d0
[ 2283.191235]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2283.192389]  io_uring_setup+0x14f6/0x2980
[ 2283.193276]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2283.194343]  ? wait_for_completion_io+0x270/0x270
[ 2283.195396]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2283.196517]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2283.197620]  do_syscall_64+0x33/0x40
[ 2283.198404]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2283.199482] RIP: 0033:0x7fea1df7ab19
[ 2283.200280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2283.204212] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2283.205833] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2283.207332] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2283.208840] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2283.210353] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2283.211869] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:37:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:16 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:16 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:32 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 19)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:32 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:32 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfVno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:37:32 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:32 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:32 executing program 2:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:32 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r3 = dup3(r2, r1, 0x0)
r4 = openat(r3, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x82)
sendfile(r0, r4, 0x0, 0x100000001)

17:37:32 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2298.741210] FAULT_INJECTION: forcing a failure.
[ 2298.741210] name failslab, interval 1, probability 0, space 0, times 0
[ 2298.743200] CPU: 1 PID: 25482 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2298.744393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2298.745725] Call Trace:
[ 2298.746145]  dump_stack+0x107/0x167
[ 2298.746733]  should_fail.cold+0x5/0xa
[ 2298.747348]  ? create_object.isra.0+0x3a/0xa30
[ 2298.748077]  should_failslab+0x5/0x20
[ 2298.748697]  kmem_cache_alloc+0x5b/0x310
[ 2298.749355]  create_object.isra.0+0x3a/0xa30
[ 2298.750059]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2298.750876]  kmem_cache_alloc_trace+0x151/0x320
[ 2298.751621]  ? io_async_queue_proc+0x80/0x80
[ 2298.752333]  percpu_ref_init+0xd8/0x3d0
[ 2298.752976]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2298.753835]  io_uring_setup+0x14f6/0x2980
[ 2298.754488]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2298.755273]  ? wait_for_completion_io+0x270/0x270
[ 2298.756048]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2298.756870]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2298.757671]  do_syscall_64+0x33/0x40
[ 2298.758246]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2298.759042] RIP: 0033:0x7fea1df7ab19
[ 2298.759619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2298.762482] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2298.763673] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2298.764792] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2298.765897] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2298.767002] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2298.768100] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2298.774544] 9pnet: Insufficient options for proto=fd
17:37:32 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 20)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:32 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:32 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2299.016868] FAULT_INJECTION: forcing a failure.
[ 2299.016868] name failslab, interval 1, probability 0, space 0, times 0
[ 2299.020986] CPU: 0 PID: 25557 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2299.022509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2299.024320] Call Trace:
[ 2299.024905]  dump_stack+0x107/0x167
[ 2299.025687]  should_fail.cold+0x5/0xa
[ 2299.026513]  ? create_object.isra.0+0x3a/0xa30
[ 2299.027487]  should_failslab+0x5/0x20
[ 2299.028294]  kmem_cache_alloc+0x5b/0x310
[ 2299.029185]  create_object.isra.0+0x3a/0xa30
[ 2299.030118]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2299.031213]  kmem_cache_alloc_trace+0x151/0x320
[ 2299.032211]  ? io_async_queue_proc+0x80/0x80
[ 2299.033165]  percpu_ref_init+0xd8/0x3d0
[ 2299.034035]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2299.035178]  io_uring_setup+0x14f6/0x2980
[ 2299.036074]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2299.037169]  ? wait_for_completion_io+0x270/0x270
[ 2299.038218]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2299.039331]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2299.040546]  do_syscall_64+0x33/0x40
[ 2299.041348]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2299.042425] RIP: 0033:0x7fea1df7ab19
[ 2299.043215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2299.047116] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2299.048750] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2299.050260] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2299.051766] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2299.053299] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2299.054811] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:37:47 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 21)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:47 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfbno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:37:47 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00))
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:47 executing program 5:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:47 executing program 2:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:37:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000a00)=<r3=>0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r8 = dup3(r7, r6, 0x0)
ioctl$CDROMMULTISESSION(r8, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, r8}, 0x1f)
r9 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r11, r10, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r11, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc3})
sendfile(r0, r9, 0x0, 0x100000001)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)

17:37:47 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2314.635309] FAULT_INJECTION: forcing a failure.
[ 2314.635309] name failslab, interval 1, probability 0, space 0, times 0
[ 2314.636843] CPU: 0 PID: 25609 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2314.637655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2314.638626] Call Trace:
[ 2314.638941]  dump_stack+0x107/0x167
[ 2314.639377]  should_fail.cold+0x5/0xa
[ 2314.639824]  ? __d_alloc+0x2a/0x990
[ 2314.640256]  should_failslab+0x5/0x20
[ 2314.640728]  kmem_cache_alloc+0x5b/0x310
[ 2314.641212]  __d_alloc+0x2a/0x990
[ 2314.641622]  ? find_held_lock+0x2c/0x110
[ 2314.642115]  d_alloc_pseudo+0x19/0x70
[ 2314.642560]  alloc_file_pseudo+0xce/0x250
[ 2314.643046]  ? trace_hardirqs_on+0x5b/0x180
[ 2314.643560]  ? alloc_file+0x5a0/0x5a0
[ 2314.644019]  anon_inode_getfile+0xc8/0x1f0
[ 2314.644542]  io_uring_setup+0x138b/0x2980
[ 2314.645036]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2314.645635]  ? wait_for_completion_io+0x270/0x270
[ 2314.646237]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2314.646852]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2314.647472]  do_syscall_64+0x33/0x40
[ 2314.647908]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2314.648533] RIP: 0033:0x7fea1df7ab19
[ 2314.648970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2314.651222] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2314.652259] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2314.653165] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2314.653988] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2314.654816] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2314.655649] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2314.671191] 9pnet: Insufficient options for proto=fd
17:37:48 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 22)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:48 executing program 6:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:37:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00))
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:37:48 executing program 2:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:37:48 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2314.797842] FAULT_INJECTION: forcing a failure.
[ 2314.797842] name failslab, interval 1, probability 0, space 0, times 0
[ 2314.799397] CPU: 0 PID: 25678 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2314.800303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2314.801276] Call Trace:
[ 2314.801593]  dump_stack+0x107/0x167
[ 2314.802019]  should_fail.cold+0x5/0xa
[ 2314.802464]  ? create_object.isra.0+0x3a/0xa30
[ 2314.802991]  should_failslab+0x5/0x20
[ 2314.803441]  kmem_cache_alloc+0x5b/0x310
[ 2314.803911]  create_object.isra.0+0x3a/0xa30
[ 2314.804424]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2314.805020]  kmem_cache_alloc+0x159/0x310
[ 2314.805512]  __d_alloc+0x2a/0x990
[ 2314.805912]  ? find_held_lock+0x2c/0x110
[ 2314.806390]  d_alloc_pseudo+0x19/0x70
[ 2314.806828]  alloc_file_pseudo+0xce/0x250
[ 2314.807312]  ? trace_hardirqs_on+0x5b/0x180
[ 2314.807806]  ? alloc_file+0x5a0/0x5a0
[ 2314.808271]  anon_inode_getfile+0xc8/0x1f0
[ 2314.808776]  io_uring_setup+0x138b/0x2980
[ 2314.809268]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2314.809849]  ? wait_for_completion_io+0x270/0x270
[ 2314.810425]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2314.811034]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2314.811636]  do_syscall_64+0x33/0x40
[ 2314.812067]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2314.812678] RIP: 0033:0x7fea1df7ab19
[ 2314.813122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2314.815255] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2314.816137] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2314.816966] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2314.817797] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2314.818622] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2314.819447] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:37:48 executing program 5:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:37:48 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfgno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:37:48 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 23)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:37:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00))
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2314.970299] 9pnet: Insufficient options for proto=fd
[ 2315.077394] FAULT_INJECTION: forcing a failure.
[ 2315.077394] name failslab, interval 1, probability 0, space 0, times 0
[ 2315.080033] CPU: 1 PID: 25819 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2315.081525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2315.083281] Call Trace:
[ 2315.083851]  dump_stack+0x107/0x167
[ 2315.084635]  should_fail.cold+0x5/0xa
[ 2315.085632]  ? __alloc_file+0x21/0x320
[ 2315.086648]  should_failslab+0x5/0x20
[ 2315.087657]  kmem_cache_alloc+0x5b/0x310
[ 2315.088579]  __alloc_file+0x21/0x320
[ 2315.089413]  alloc_empty_file+0x6d/0x170
[ 2315.090312]  alloc_file+0x5e/0x5a0
[ 2315.091127]  alloc_file_pseudo+0x16a/0x250
[ 2315.092023]  ? alloc_file+0x5a0/0x5a0
[ 2315.092852]  anon_inode_getfile+0xc8/0x1f0
[ 2315.093754]  io_uring_setup+0x138b/0x2980
[ 2315.094639]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2315.095716]  ? wait_for_completion_io+0x270/0x270
[ 2315.096776]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2315.097884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2315.098979]  do_syscall_64+0x33/0x40
[ 2315.099762]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2315.100854] RIP: 0033:0x7fea1df7ab19
[ 2315.101634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2315.105496] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2315.107138] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2315.108688] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2315.110244] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2315.111802] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2315.113379] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:03 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 24)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:03 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfqno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:03 executing program 2:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2330.094109] 9pnet: Insufficient options for proto=fd
17:38:03 executing program 6:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:03 executing program 1:
llistxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/25, 0x19)

17:38:03 executing program 5:
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:38:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:03 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x118)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r4 = dup3(r3, r2, 0x0)
ioctl$CDROMMULTISESSION(r4, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
sendfile(r4, r1, &(0x7f0000000040)=0x4, 0xe4ed)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r5, 0x0, 0x100000001)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
ioctl$CDROMSTART(r6, 0x5308)
openat(r0, &(0x7f00000000c0)='./file1\x00', 0x402900, 0x100)

17:38:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2330.145381] FAULT_INJECTION: forcing a failure.
[ 2330.145381] name failslab, interval 1, probability 0, space 0, times 0
[ 2330.150052] CPU: 0 PID: 25856 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2330.152003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2330.154307] Call Trace:
[ 2330.155042]  dump_stack+0x107/0x167
[ 2330.156057]  should_fail.cold+0x5/0xa
[ 2330.157138]  ? create_object.isra.0+0x3a/0xa30
[ 2330.158406]  should_failslab+0x5/0x20
[ 2330.159460]  kmem_cache_alloc+0x5b/0x310
[ 2330.160586]  create_object.isra.0+0x3a/0xa30
[ 2330.161843]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2330.163240]  kmem_cache_alloc+0x159/0x310
[ 2330.164402]  __alloc_file+0x21/0x320
[ 2330.165459]  alloc_empty_file+0x6d/0x170
[ 2330.166392]  alloc_file+0x5e/0x5a0
[ 2330.167380]  alloc_file_pseudo+0x16a/0x250
[ 2330.168537]  ? alloc_file+0x5a0/0x5a0
[ 2330.169628]  anon_inode_getfile+0xc8/0x1f0
[ 2330.170818]  io_uring_setup+0x138b/0x2980
[ 2330.171992]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2330.173405]  ? wait_for_completion_io+0x270/0x270
[ 2330.174799]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2330.176267]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2330.177697]  do_syscall_64+0x33/0x40
[ 2330.178594]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2330.179983] RIP: 0033:0x7fea1df7ab19
[ 2330.181031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2330.186201] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2330.188355] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2330.190049] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2330.191706] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2330.193491] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2330.195107] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:03 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:03 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfsno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:03 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 25)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:03 executing program 6:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2330.367217] 9pnet: Insufficient options for proto=fd
17:38:03 executing program 5:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:03 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2330.544309] FAULT_INJECTION: forcing a failure.
[ 2330.544309] name failslab, interval 1, probability 0, space 0, times 0
[ 2330.547443] CPU: 0 PID: 26020 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2330.548911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2330.550652] Call Trace:
[ 2330.551280]  dump_stack+0x107/0x167
[ 2330.552088]  should_fail.cold+0x5/0xa
[ 2330.552899]  ? security_file_alloc+0x34/0x170
[ 2330.553840]  should_failslab+0x5/0x20
[ 2330.554643]  kmem_cache_alloc+0x5b/0x310
[ 2330.555498]  security_file_alloc+0x34/0x170
[ 2330.556405]  __alloc_file+0xb7/0x320
[ 2330.557211]  alloc_empty_file+0x6d/0x170
[ 2330.558072]  alloc_file+0x5e/0x5a0
[ 2330.558821]  alloc_file_pseudo+0x16a/0x250
[ 2330.559704]  ? alloc_file+0x5a0/0x5a0
[ 2330.560519]  anon_inode_getfile+0xc8/0x1f0
[ 2330.561426]  io_uring_setup+0x138b/0x2980
[ 2330.562309]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2330.563370]  ? wait_for_completion_io+0x270/0x270
[ 2330.564410]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2330.565513]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2330.566603]  do_syscall_64+0x33/0x40
[ 2330.567387]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2330.568461] RIP: 0033:0x7fea1df7ab19
[ 2330.569251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2330.573116] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2330.574718] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2330.576211] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2330.577720] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2330.579211] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2330.580709] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:18 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 26)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:18 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:18 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r1=>r0}, './file1/file0\x00'})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0/file0/file0\x00', &(0x7f0000000340), 0x3014040, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend}, {@privport}, {@version_u}], [{@measure}, {@measure}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@func={'func', 0x3d, 'PATH_CHECK'}}, {@subj_role={'subj_role', 0x3d, '\x00'}}]}})
openat(r0, &(0x7f0000000540)='./file0/file0/file0\x00', 0x444740, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0fffffff0f", 0x10, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000e880325132510000e880325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100063e870325132510000e870325103", 0x5b, 0x12000}, {&(0x7f0000010a00)="2e20202020202020202020100063e870325132510000e87032510300000000002e2e202020202020202020100063e870325132510000e870325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530", 0x65, 0x12800}], 0x0, &(0x7f0000000140)=ANY=[])
unlinkat(r3, &(0x7f0000000180)='./file0/file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x920420, &(0x7f00000000c0)=ANY=[])
syz_io_uring_setup(0x5dd4, &(0x7f00000002c0)={0x0, 0xbcf9, 0x8, 0x0, 0x177}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000580)=<r4=>0x0, &(0x7f0000000040))
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000000, 0x100010, r2, 0x10000000)
r6 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb39e}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x2}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r6, 0x8000000)
syz_io_uring_submit(r10, r8, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r9}}, 0x80000001)
syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x4004, @fd_index, 0x9, &(0x7f00000003c0)=""/86, 0x56, 0x0, 0x0, {0x0, r9}}, 0x2)
sendfile(r0, r2, 0x0, 0x100000001)

17:38:18 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfuno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:18 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:18 executing program 5:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:18 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2345.130828] 9pnet: Insufficient options for proto=fd
[ 2345.165855] FAULT_INJECTION: forcing a failure.
[ 2345.165855] name failslab, interval 1, probability 0, space 0, times 0
[ 2345.168793] CPU: 0 PID: 26111 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2345.170251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2345.172005] Call Trace:
[ 2345.172572]  dump_stack+0x107/0x167
[ 2345.173357]  should_fail.cold+0x5/0xa
[ 2345.174166]  ? create_object.isra.0+0x3a/0xa30
[ 2345.175125]  should_failslab+0x5/0x20
[ 2345.175944]  kmem_cache_alloc+0x5b/0x310
[ 2345.176814]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 2345.177985]  create_object.isra.0+0x3a/0xa30
[ 2345.178912]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2345.179994]  kmem_cache_alloc+0x159/0x310
[ 2345.180884]  security_file_alloc+0x34/0x170
[ 2345.181805]  __alloc_file+0xb7/0x320
[ 2345.182597]  alloc_empty_file+0x6d/0x170
[ 2345.183453]  alloc_file+0x5e/0x5a0
[ 2345.184206]  alloc_file_pseudo+0x16a/0x250
[ 2345.185109]  ? alloc_file+0x5a0/0x5a0
[ 2345.185934]  anon_inode_getfile+0xc8/0x1f0
[ 2345.186831]  io_uring_setup+0x138b/0x2980
[ 2345.187718]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2345.188790]  ? wait_for_completion_io+0x270/0x270
[ 2345.189839]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2345.190940]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2345.192029]  do_syscall_64+0x33/0x40
[ 2345.192822]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2345.193910] RIP: 0033:0x7fea1df7ab19
[ 2345.194699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2345.198568] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2345.200163] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2345.201674] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2345.203179] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2345.204677] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2345.206185] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:18 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfwno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:18 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:38:18 executing program 5:
r0 = creat(0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:18 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
read(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2345.283768] 9pnet: Insufficient options for proto=fd
17:38:18 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:37 executing program 1:
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/56, 0x38, 0x6c5)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(r0, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1}, './file1\x00'})
r2 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000006, 0x80010, r2, 0x5d39e000)
sendfile(r0, r1, 0x0, 0x100000001)

17:38:37 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfd\"o=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:37 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:37 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:38:37 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:37 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 27)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:37 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
read(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2364.122053] 9pnet: Insufficient options for proto=fd
[ 2364.168101] FAULT_INJECTION: forcing a failure.
[ 2364.168101] name failslab, interval 1, probability 0, space 0, times 0
[ 2364.170829] CPU: 0 PID: 26348 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2364.172349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2364.174171] Call Trace:
[ 2364.174749]  dump_stack+0x107/0x167
[ 2364.175545]  should_fail.cold+0x5/0xa
[ 2364.176398]  ? io_uring_alloc_task_context+0x99/0x6a0
[ 2364.177543]  should_failslab+0x5/0x20
[ 2364.178387]  kmem_cache_alloc_trace+0x55/0x320
[ 2364.179492]  io_uring_alloc_task_context+0x99/0x6a0
[ 2364.180666]  ? io_import_iovec+0x1120/0x1120
[ 2364.181666]  ? lock_downgrade+0x6d0/0x6d0
[ 2364.182589]  ? do_raw_spin_lock+0x121/0x260
[ 2364.183550]  ? rwlock_bug.part.0+0x90/0x90
[ 2364.184511]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2364.185599]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2364.186761]  ? alloc_fd+0x2e7/0x670
[ 2364.187588]  io_uring_setup+0x1fbb/0x2980
[ 2364.188534]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2364.189684]  ? wait_for_completion_io+0x270/0x270
[ 2364.190790]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2364.191977]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2364.193142]  do_syscall_64+0x33/0x40
[ 2364.193975]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2364.195116] RIP: 0033:0x7fea1df7ab19
[ 2364.195949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2364.200008] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2364.201686] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2364.203259] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2364.204843] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2364.206421] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2364.208000] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:37 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:38:37 executing program 1:
ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(r0, 0x0, 0x125d43, 0x160)
syz_mount_image$vfat(&(0x7f0000000140), 0x0, 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0xfffffffffffffff8}], 0x50, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0x2}, 0x0, 0xc5, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$IPC_RMID(0x0, 0x0)
shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f00000003c0)=""/92)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
setxattr$incfs_id(&(0x7f0000000040)='./file1/file0\x00', &(0x7f00000000c0), &(0x7f0000000100)={'0000000000000000000000000000000', 0x31}, 0x20, 0x2)

17:38:37 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:37 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:37 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
read(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:37 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfd,o=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:37 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 28)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2364.517645] 9pnet: Insufficient options for proto=fd
[ 2364.580057] FAULT_INJECTION: forcing a failure.
[ 2364.580057] name failslab, interval 1, probability 0, space 0, times 0
[ 2364.582370] CPU: 1 PID: 26479 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2364.583917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2364.585375] Call Trace:
[ 2364.585845]  dump_stack+0x107/0x167
[ 2364.586498]  should_fail.cold+0x5/0xa
[ 2364.587179]  ? create_object.isra.0+0x3a/0xa30
[ 2364.587994]  should_failslab+0x5/0x20
[ 2364.588678]  kmem_cache_alloc+0x5b/0x310
[ 2364.589425]  create_object.isra.0+0x3a/0xa30
[ 2364.590228]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2364.591154]  kmem_cache_alloc_trace+0x151/0x320
[ 2364.592013]  io_uring_alloc_task_context+0x99/0x6a0
[ 2364.592928]  ? io_import_iovec+0x1120/0x1120
[ 2364.593735]  ? lock_downgrade+0x6d0/0x6d0
[ 2364.594487]  ? do_raw_spin_lock+0x121/0x260
[ 2364.595269]  ? rwlock_bug.part.0+0x90/0x90
[ 2364.596039]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2364.596903]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2364.597842]  ? alloc_fd+0x2e7/0x670
[ 2364.598504]  io_uring_setup+0x1fbb/0x2980
[ 2364.599252]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2364.600159]  ? wait_for_completion_io+0x270/0x270
[ 2364.601050]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2364.601992]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2364.602919]  do_syscall_64+0x33/0x40
[ 2364.603584]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2364.604499] RIP: 0033:0x7fea1df7ab19
[ 2364.605179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2364.608473] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2364.609847] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2364.611131] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2364.612417] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2364.613695] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2364.614959] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:52 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 29)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:52 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdn\"=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:52 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:52 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:52 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:52 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000000)='cpuset.mem_exclusive\x00', 0x2, 0x0)
sendfile(r0, r2, 0x0, 0x100000000)

17:38:52 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:52 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2378.800188] 9pnet: Insufficient options for proto=fd
17:38:52 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r3, r2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, {0x5}}, './file1\x00'})

[ 2378.860355] FAULT_INJECTION: forcing a failure.
[ 2378.860355] name failslab, interval 1, probability 0, space 0, times 0
[ 2378.862357] CPU: 1 PID: 26621 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2378.863523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2378.864907] Call Trace:
[ 2378.865366]  dump_stack+0x107/0x167
[ 2378.865977]  should_fail.cold+0x5/0xa
[ 2378.866614]  ? create_object.isra.0+0x3a/0xa30
[ 2378.867374]  should_failslab+0x5/0x20
[ 2378.868012]  kmem_cache_alloc+0x5b/0x310
[ 2378.868697]  create_object.isra.0+0x3a/0xa30
[ 2378.869448]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2378.870310]  kmem_cache_alloc_trace+0x151/0x320
[ 2378.871091]  io_uring_alloc_task_context+0x99/0x6a0
[ 2378.871922]  ? io_import_iovec+0x1120/0x1120
[ 2378.872658]  ? lock_downgrade+0x6d0/0x6d0
[ 2378.873408]  ? do_raw_spin_lock+0x121/0x260
[ 2378.874128]  ? rwlock_bug.part.0+0x90/0x90
[ 2378.874838]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2378.875650]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2378.876525]  ? alloc_fd+0x2e7/0x670
[ 2378.877148]  io_uring_setup+0x1fbb/0x2980
[ 2378.877852]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2378.878694]  ? wait_for_completion_io+0x270/0x270
[ 2378.879518]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2378.880393]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2378.881264]  do_syscall_64+0x33/0x40
[ 2378.881889]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2378.882723] RIP: 0033:0x7fea1df7ab19
[ 2378.883332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2378.886383] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2378.887631] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2378.888808] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2378.889981] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2378.891150] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2378.892314] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:38:52 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:52 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:52 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:38:52 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:52 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:38:52 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdn,=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:38:52 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 30)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:38:52 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:38:52 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:38:52 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2379.165436] 9pnet: Insufficient options for proto=fd
[ 2379.183212] FAULT_INJECTION: forcing a failure.
[ 2379.183212] name failslab, interval 1, probability 0, space 0, times 0
[ 2379.185992] CPU: 0 PID: 26720 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2379.187499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2379.189316] Call Trace:
[ 2379.189896]  dump_stack+0x107/0x167
[ 2379.190692]  should_fail.cold+0x5/0xa
[ 2379.191524]  ? create_object.isra.0+0x3a/0xa30
[ 2379.192523]  should_failslab+0x5/0x20
[ 2379.193364]  kmem_cache_alloc+0x5b/0x310
[ 2379.194256]  create_object.isra.0+0x3a/0xa30
[ 2379.195219]  kmemleak_alloc_percpu+0xa0/0x100
[ 2379.196204]  pcpu_alloc+0x4e2/0x1240
[ 2379.197038]  __percpu_counter_init+0x10d/0x2d0
[ 2379.198051]  io_uring_alloc_task_context+0xcc/0x6a0
[ 2379.199139]  ? io_import_iovec+0x1120/0x1120
[ 2379.200100]  ? lock_downgrade+0x6d0/0x6d0
[ 2379.201002]  ? do_raw_spin_lock+0x121/0x260
[ 2379.201945]  ? rwlock_bug.part.0+0x90/0x90
[ 2379.202877]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2379.203925]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2379.205061]  ? alloc_fd+0x2e7/0x670
[ 2379.205873]  io_uring_setup+0x1fbb/0x2980
[ 2379.206786]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2379.207886]  ? wait_for_completion_io+0x270/0x270
[ 2379.208961]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2379.210111]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2379.211245]  do_syscall_64+0x33/0x40
[ 2379.212056]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2379.213174] RIP: 0033:0x7fea1df7ab19
[ 2379.213983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2379.217993] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2379.219647] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2379.221206] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2379.222761] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2379.224322] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2379.226047] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:39:08 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 31)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:39:08 executing program 1:
r0 = open(&(0x7f0000000000)='./file1\x00', 0x20000, 0x61)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e22, 0x1, @remote, 0x4}}, 0x0, 0x0, 0x1a, 0x0, "bade6cb31116821294234ebc9d2618c569ada2b1e5c3fc7f0bf193a8d355f6e5efc93bfbe66046e69bba7687e149a15b189e73650dff332501d5cf2b88c6b23d8daff09d7db88a370ef75c6eaeedb81d"}, 0xd8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x100000001)

17:39:08 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno\"', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:39:08 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:08 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:08 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:39:08 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:08 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2395.598066] 9pnet: Insufficient options for proto=fd
[ 2395.655522] FAULT_INJECTION: forcing a failure.
[ 2395.655522] name failslab, interval 1, probability 0, space 0, times 0
[ 2395.659873] CPU: 0 PID: 26849 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2395.661723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2395.663865] Call Trace:
[ 2395.664556]  dump_stack+0x107/0x167
[ 2395.665512]  should_fail.cold+0x5/0xa
[ 2395.666504]  ? io_uring_alloc_task_context+0x4a3/0x6a0
[ 2395.667849]  should_failslab+0x5/0x20
[ 2395.668833]  kmem_cache_alloc_trace+0x55/0x320
[ 2395.670024]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 2395.671341]  ? io_import_iovec+0x1120/0x1120
[ 2395.672472]  ? lock_downgrade+0x6d0/0x6d0
[ 2395.673557]  ? do_raw_spin_lock+0x121/0x260
[ 2395.674672]  ? rwlock_bug.part.0+0x90/0x90
[ 2395.675588]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2395.676822]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2395.678183]  ? alloc_fd+0x2e7/0x670
[ 2395.679135]  io_uring_setup+0x1fbb/0x2980
[ 2395.680221]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2395.681591]  ? wait_for_completion_io+0x270/0x270
[ 2395.682836]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2395.684182]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2395.685510]  do_syscall_64+0x33/0x40
[ 2395.686398]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2395.687232] RIP: 0033:0x7fea1df7ab19
[ 2395.687828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2395.690782] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2395.692013] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2395.693165] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2395.694324] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2395.695453] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2395.696611] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:39:09 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:09 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:24 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 32)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:39:24 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:39:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
mknod(&(0x7f0000000040)='./file1\x00', 0x20, 0x10000)
open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0xea6, 0x8, 0x3, 0x2, 0x84fe, 0x3}}, 0x18b100)
r1 = syz_mount_image$nfs4(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0xfffffffffffffffd, 0x6, &(0x7f0000001380)=[{&(0x7f0000000140)="dd9a12086bc3e45e608628bacbea5b2019e6240b7d02e790c37760e496e0398c92cbf7427120969644ac96f975326f899028cb4ca05a83d6f9487da00de80f9772a08c79e58658e6a5f7f8346441a61b5a080bcc2ebb654d7c7edc0a2fda4b7503ad906339815f6cab94c0a095a886843fbc4891f04225d808896db34090b0f062876a22dabc60768d20e8b66b92d608af31447fc4d6d026aa8b82dfd7d7dc29f40509f1e5d5e36ee772", 0xaa, 0x2}, {&(0x7f0000000200)="5c47a879a283903b833d6aec2403a3af7498f921042c34645d7b582f3b8b94ddce1ded1e09d993b017b7ff91e1a4c345", 0x30}, {&(0x7f0000000240)="a05cd223897eeb80f7d1b4f5a9c062f5ed3c276e820db41433289541736dc4203f18760e0957a3b916e376", 0x2b, 0xffff}, {&(0x7f00000002c0)="4eea41fbe812e786a55f5e16fc2d549ed5c278706ea1b14489dc", 0x1a, 0x4}, {&(0x7f0000000300)="f658f132c9d3fb2a221bd9264d025b0cc0f9251a8535b0c8a1237eff6b61a6d615276a18da13fc60d68ebb43616da5452ac0abbce9494ad9c062a80d06ac5e14fbb586b764bd1d611bcbeb8b45171ca4de0d687a9995627f486a4d2eabc2fe90d817772eb2b548c4d655123090b789bb56df2dcd9706974718f5dc64dd8588326439bcd1f4c5445ac836bc7b94908b159151f99ba223a9cb6d6f3e6316ef9b6837847b7bcc8155c4ab5670ed82d16a54cb90baa4f51763477a393f9157ea403465f156a7a312bbfb37ef83bcbffbf14b027bfb8edb4d2f9cbe5efba91b871676f124263a91036d5ab4b453a51d7fd5bb4a6713ebf7f925bf0000667fc1023c5f8274ceda30cb97fe9d1372e593fd3430907862ce7808950187a412b537786334246bd7c02d8da173acff830527262d90323640513de591ff47675232a34603867fb65277b42cba6a7057a754a4002291848446ae83b05d78e5f2c43408e52404b376800907137ae8d72f104526e0263f37f4717f397ee3032a23d1900c9ae66307cbe2db5dfa3f19a684a071247e1b30b9e978781a86b58780a03e45e947d11bc581b38106c4fe662be3fc5f4ccd5a2d3f3f34adbf4b452c94d100fc7062a94230f484bfaee7fd382ae820b157588877e88a21b2ee4c8b5e7ec72a07fa29e8154fa52a7026d46e33c8f2c2592574b651028601f5587e21763347646b5d1d10b75f0dadf8d1e8ed8db42ca1c351e48cba4b026ca08f257457609300ae0d018042e5a4ab8a63b97c03c6a8e42b2b4682bbd8de82ba37bb62b0e885f48adc417417d12e1f5238c38bf05e5d637f87421bc6feef25f329f8b59653105455fe6f1e18ea76b710827edb8094bf18123763f2e5fed990053fb7dc1c0b552f7ba6ccb63c67a20d4b9336deba92e56733feb1e01024b388cb24a8d4007b4f92a71e839316e53fa1dc3637e7d0526b2b835c05ecaf292efc4d16684347d07912a7224a5d3345b76ee66208101c81a60190b3fa1dff215dc11bc6452e152e074dfe37df8bedb0a55c157832a653943b43be98863f7a664941cc93d09fdca30756d949c0ddedd67d01ce76ae42cdcca435e73dc871dc471ab1a310343068c6f3bdf9ad9118f1aca1a90fb24a21ac46e450c0aafe4d82bde03287d793553a61c25100b242bc74dfff1913bea51617653b2b120ab1fcbf7ee419164c5d838cf1c5dd2581c4a29d3bccca55bfc0f653a9c6f6e852329fae914c442f1817806324a6744f8a9a971750d69abd93e12b891c8f5a56a1d45ce873a8f34a3124352521e4170b7902385fc7762a3cf8df13445723a337a74015179b2cee248d94b0ccc317a03369800aa025aa38046091511a77e1be3987488a9528b637a765460c3a3f52370e2a995d25cb03391f16065ed59ace78717c530f44d6281d769c2db926f4d2802c066aa205fb1aca47909236cbbf9f66a3a7a3ee1c2d0a2ac119bcdad79fcda0a649e60aa1d1ccda5f8a0d6c5a51e7a514513608017cce54975c3ea89f7371ec4ae992139d28e750595b45c71d2d241b76746894befae1f47192e01b4a5ec9a688301b695ccc2bddebff39eb37b893882e090d7feda0a76d5a7b341757e6aa7403ead37484533dd7a8e8941a460c09d2a0960d566ff5d291d179f592130e111a379816eb2d1692fb2b0ebd15948385639f4e95c8364fec6a5434ad766755ac78a2a6c658008d523c71a36914448bdb29d7975c660979b5b077bb3cad5c70a65c65053e85f2373501cade43009e1fa78535c00aaa82d853cf5ec7ea06da242d7697f50f69f584770554ae83fe0c921f56dd32f319cb33f868e0b0d4d90744d24788ee05d733d49bf18cc92ad85b7ea15d54a066e52bff92e8a1a5b9239a619ee6dcf4dc23b9a7d8e4ccca03913ddab73085d1290d7ae669b4e429fb216a2484fe643751566a3cfbaf6b1fd5ade8ee94b0e351a1f7b1777eceed1f2fa1b12b768c35c022ff2b8f49b71fa49ce05e3c366a1f023855326585c4ae3b3ecf7c095d0985e25381366f0ee64f768f0df74e392324e894d66a1230a847899149075960aae563f03303031a412a142b00202d4b94cbd44575e94cd281558823cc39eb002bb4722f74b6df14724358e6c5c9eccbfcfe396227f89a2a7f33ef1469228237b2ff38f86a71f90390c73dda2e5efec8641dd70b270522739b92e95e50c1233353c05e3d933f766bfcc87201ee50e8030bcfd1799affe90b4356d2d56418aeb6af87eefe8cb12f39b2fea7048ebe69da0f62300421f9e1c54f80f9832a850f5be436ef732e0895b0b0457660c6e10a8b27a508256e837466bcc928faad4cb68f3bf9ca5b43c87d51de59fb8b89f299d08bde6cc9247cf9e4e1135d4d3b54cf288154b215d57d1ab5df1ff4035cfda024d47dee76127b176480792f92d96cc0f5c2543f51f1a296ef1ba88174c8029ae18fb4f2e2ded3ab7074bc5e2c83e6cba24f7f9e49cac827237a6aeaa36ad942bda0c2c1c89f698970e5eb39eaf9d4da0702951525903e8b95568df005a8eda7e6d60194012fb95d6357c574b341830a776a0ae4300bb5575ee43ffcfda2dc9d4d0aea1dc4460df526e2b7051f5e5ff64568110e566bd134ebd52199d37384c034ec6f9298806504fe9779e8aedfb3ebdf71057299f9a671e719fd04f890bda56638162a083e6101fd91601950670bb4521415aae059421e66f385f301562ced13e3db60af87435b66f384121f26eb917fad80ba8f82cb55ddb0ab16ef8a160bffad527dbf90bce6ce9a081a166e81829e890ccf44e04e77c6cf9f4edd7bc80071d913f53702682165dd3bd72326f37927174fd7f20e6d1d629018583e8abf1d35c151b7f47b2f4eebd2b6a9ba2073374b42831542fe0e786fc05c7b46e1480efe2beb2aeb8fa36f34dcdf1e3a0c024d52cb3af1c70433d39f8e6cf175d46fcf9f433f50591a5887d9b46d62c9378eddc9027c1a917b2521676a3b9ecbe94a2bf343a273364f05fcb41fc53603f5f6bc73332467fc09796995c6d454170cde7b4ffd48109a9f1c190d7a025c54b9b4f0f8279753bd48b5ccfec6036208a0500ebf22e68e44df424d62bcc65b581a04e29c9bd2daed60b67c0d659a88a0dd90c5a1e2dd84dc896490a45eaa2f41749a71ef369cc5acc8256c97131169e1f8790daa4392313ec755b43390f899fb2a31583b6ba36f39ff80ba00bed8c66116bfc404058319fb6e0751fe76ee6694925ae89f8a74678d7196e52d0ac7b905b8c1980bc931f927be1672f8e8f0ee55b2a23ed0526b3d1b8e26938adc5e53e73da7e4dd06be1ccf9ab0a3475bec98745c9f121e1ee1891b22417b01439f11cda27a4b7d8bc345b9fb04960753a42698a0c4512e8858c70474da9a53410fcadef09cdc9274c72596b667ddc05a3a88969b1755e65ae2791b4ff67bfe4c7600ff315701fae3445b99cb3ddcafb6cc23c067979576d0313cfa16142e2383569aceddda38ce0c2e6a5a5265b513874d496853c97036a655777e82fa4baaa262a2bffe1a00aa0661a5040dca23fef82d61d0ecaccc21bfee728b80e6bba8b984faef2817453c17cc53f67c5ae7ad84d0f8ed4ca73f7185c0139bc7c3e502aa8cddf0ab9e5a96f20833f84958647f3625dd28863a5f21189875da7535dd429837cd6a1db31317e448a24084af8b70c5b48179dbb6cefc2dddb12a3db7123460b42b233479d4d370d6d6044a712c4eb8ed593140d9c68e00a00643c773745663ceea08e1aec37d19b24457a7e30e7732604ad6e13eeea8cd658e2ac989066b2d4bb05c066ab69925ab3c9373d6d02f6cae3f388d0e200377fdd5d7bfeda546eb54970d0b938bd91844678cff13c84de9b9598fc5994e6cf3732b74d4bbfa7be7dc655646cf186e7fb7ef169a9c07c5adfeb75c73ee122742591fedb9dac8e9015a350221fa6cee074e3251cdce48786f14dc14f40ab4e00ef1b9b4adf8684c480d71d57e1248224f099c9c00586844add9ce528b1d8e9132b8b4fc1db6f078919f06d6a193e4a3b44ad73d302a696d3a3233f89b75ef7fbb5381a2c13eaf4a498c1597399fbbd48046d920328fb68822c649be7e1c195f48d763479b309f371571f212f3d9e58fbffac7c559396c5d4751249daa1f7f16e957ced27d3a6eead58548877ec51cf567e93529da6dd06258c6c00cfb1889d47baec65ed4efd814ce7e7ce2b2d98cacc7bcb7d1db55f4f8ea12ed37d15dc11432e048dc669a66095db3984a2ca22cc233180ae1dbb27c55b67072006d9cb57350f8d23f0d159b533baefde8b475e9f66c9ef3ea2b958a7eb5251a9c9ab6713c1f44494965fcf2ccce09e3b9ef2dd9c00e784c0c1a620bef9a9175c59eee49ee78c7871e974b020aa65099cc6c8cc794f2d8bcc2c641b4e8a5f270f3826db5a49126d55723ecd322f134225b10e0b1064b0e4afdfca8ec341b417a623e7811409493e2a0e41891601500b7f45cd9b30b687ccfada000b0d55df39a794c53fbfd2835d43dfa377c059415bc4151be36635e8c97528209ab349e56ff233d4cc249d2191473e1eda2311683eaf486d0ecf9ab51b311cf013e900128b0bdbb79688d4cce007e454fac57c7d51acee695dadbc77637f0bf7411986aa88a7a881b4bf928c243d46ae21daaa066cc786b2335db1e8c8c4615dd4407027be68af7d57961f44275b3d7d0dc76d34d322630258f898187d0485c2d4adb862898a8523d99cc3439ed21c815def3cbffe8bb94b75cc9a567de21bb9e10af085dac0dbb7fb30aee11c6769c8e2ab642daf591edee5cbdf3c478a3266c644237ce491666c5c1c0f804c3f7f665f534418c17f875869b61493030e2f84c5c3e3ae3524211ea6ae6c31c78ed639078417563c93b0c31f6af47ff72046763a4b637c80d57b7403df1b7e02e58913253f4c1b4ee38c3f9214290ac3946029775c5f7604168119f2f34d10e994e416f385402f33aa396a109278714935ab8b2acf4a9eb73c5ed65abc4329548b42b2e5fe71eb22f0840a410b2e25eeb1d423b4475706072c890f4f8b08ae5ea6036eef113867f5d99638381411eab135009ccc8c788c0850483f139c26aca6336e3c237a88f1f72c54a7fffcde53f1ac8d3456a94643e0055584a2badc178a6eb3756f24c5e05466182a57620a8e2fcf10c270de0db5d778f485e2b7b013c0ddd9f1938324b1a8738443f86d0394511dd5a02548fc6b752b5e7be741328d14fc72dfb56028ed4b0bfced97e5dbe80de3f2e18791e33e6564ca8c2d688d51c5796f03b8696eb5a231d386947880001de2b017d666e363c172cb1d539b5d5724c1d5e94f88ac5ae549d42c4ab97b0a1bc394ff14595479c6c87f6919e315d5b518e9134b74109652dc48324c90a50c9e8cbbdd763fe3e1ed66d5502eee3cbf7d1cd0ae46c5bf95a55f8987ceea3013df6ba61747ff23c363c1913cb10cd0f1e2a58a0b623909da28e6b995dcc0138a1ba23abf55ba2501999fbe096782890281385abf1ef0afb30b76b798d254a394ebfbcc97c5ef5c844903d36fc066a621d95d4c1e99de02d0e83a7b5d8e8ac03d1856a0beaf5be5ae4c3da75de0bba092666d9f239f6208fae72e76d44881a7b06f30b663eab5f603be16c3e82e36d6f85f77bce59cebbf92978443b057fc94d4dbf7e02557dbd6434718ae2f9293f8dc3f9d490f6b1a8fb4d358cb24d3683e605544569bbd2336e17f16688adaa6eb4298f20cac832baf911d879b9ed41e631d060b9f236ebee0a17bde505c11680ea7e227afd11", 0x1000}, {&(0x7f0000001300)="76447e8f053dd36580a963bb3ac36698c8b1c0b29a8c382a9ac881e677d9d3bb1cf397e2a378e30a4daacd7c11677cd14521fe968156e6510bdc7a557f22d9a0f1485b867c4655c0ef675f6b6ef84760713eb02f24aef5abbb8fe47426def3c1b73d2416756e", 0x66, 0x3ff}], 0x23020, &(0x7f0000001440)={[{'*\'%+/'}, {}, {'J'}, {'!-{'}, {']'}, {'#'}, {']{$\''}, {}], [{@dont_hash}, {@fsuuid={'fsuuid', 0x3d, {[0x54, 0x35, 0x30, 0x37, 0x66, 0x66, 0x38, 0x31], 0x2d, [0x66, 0x39, 0x38, 0x64], 0x2d, [0x61, 0x39, 0x66, 0x6b], 0x2d, [0x30, 0x34, 0x30, 0x66], 0x2d, [0x30, 0x61, 0x34, 0x62, 0x35, 0x34, 0x61, 0x37]}}}, {@obj_role={'obj_role', 0x3d, '$'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fowner_gt={'fowner>', 0xee01}}, {@smackfstransmute}, {@context={'context', 0x3d, 'root'}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}]})
mount$cgroup(0x0, &(0x7f0000001540)='./file1\x00', &(0x7f0000001580), 0x1002, &(0x7f00000015c0)={[{@noprefix}, {@none}], [{@obj_user={'obj_user', 0x3d, '*'}}, {@smackfsdef={'smackfsdef', 0x3d, '/(:\\]}[^{{'}}]})
openat(r1, &(0x7f0000001500)='./file1\x00', 0x40000, 0x100)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x480880, 0x18)
r3 = syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000a00)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r8 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb39e}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000100)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x2}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r12 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r8, 0x8000000)
syz_io_uring_submit(r12, r10, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r11}}, 0x80000001)
syz_io_uring_submit(0x0, r5, &(0x7f0000001700)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r11}}, 0x4)
sendfile(r0, r2, 0x0, 0x3)

17:39:24 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:24 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno,', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

17:39:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:24 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:24 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2411.282117] 9pnet: Insufficient options for proto=fd
17:39:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2411.323948] FAULT_INJECTION: forcing a failure.
[ 2411.323948] name failslab, interval 1, probability 0, space 0, times 0
[ 2411.326929] CPU: 1 PID: 26977 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2411.328490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2411.330357] Call Trace:
[ 2411.330956]  dump_stack+0x107/0x167
[ 2411.331780]  should_fail.cold+0x5/0xa
[ 2411.332641]  ? create_object.isra.0+0x3a/0xa30
[ 2411.333675]  should_failslab+0x5/0x20
[ 2411.334528]  kmem_cache_alloc+0x5b/0x310
[ 2411.335452]  create_object.isra.0+0x3a/0xa30
[ 2411.336434]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2411.337596]  kmem_cache_alloc_trace+0x151/0x320
[ 2411.338649]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 2411.339797]  ? io_import_iovec+0x1120/0x1120
[ 2411.340787]  ? lock_downgrade+0x6d0/0x6d0
[ 2411.341725]  ? do_raw_spin_lock+0x121/0x260
[ 2411.342695]  ? rwlock_bug.part.0+0x90/0x90
[ 2411.343651]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2411.344733]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2411.345922]  ? alloc_fd+0x2e7/0x670
[ 2411.346759]  io_uring_setup+0x1fbb/0x2980
[ 2411.347700]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2411.348846]  ? wait_for_completion_io+0x270/0x270
[ 2411.349970]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2411.351153]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2411.352315]  do_syscall_64+0x33/0x40
[ 2411.353169]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2411.354344] RIP: 0033:0x7fea1df7ab19
[ 2411.355185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2411.359317] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2411.361020] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2411.362630] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2411.364225] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2411.365825] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2411.367425] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:39:24 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:24 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:24 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB='\"wfdno=', @ANYRESHEX=r1])

17:39:24 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:24 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x4a02, 0x0)
dup3(r2, r1, 0x0)
fcntl$setflags(r2, 0x2, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x100000001)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$addseals(r4, 0x409, 0x0)

[ 2411.493838] 9pnet: Insufficient options for proto=fd
17:39:40 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:40 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:40 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:40 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:40 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',\"fdno=', @ANYRESHEX=r1])

17:39:40 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:40 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 33)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:39:40 executing program 1:
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setreuid(0x0, r0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setreuid(0x0, r1)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001840)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000001700)=[{&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/11, 0xb}, {&(0x7f00000012c0)=""/116, 0x74}, {&(0x7f0000001340)=""/229, 0xe5}, {&(0x7f0000001440)=""/104, 0x68}, {&(0x7f00000014c0)=""/224, 0xe0}, {&(0x7f00000015c0)=""/170, 0xaa}, {&(0x7f0000001680)=""/91, 0x5b}], 0x8, &(0x7f0000001780)=[@cred={{0x1c, 0x1, 0x2, {0x0, <r2=>0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}], 0x1, 0x2, &(0x7f0000001880)={0x0, 0x989680})
stat(&(0x7f0000001900)='./file0\x00', &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f00000000c0)='./file1\x00', 0x3, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000100)="245daab97ed52c5742ae6e8aa86c8d4122259e9aa85dc78b278f22447b419c0a79ae31ce1ecb3cb85707f6850f53807fd50cd6e52163b2b6327624653a026052d87867cab3a3e7cf", 0x48, 0x5}, {&(0x7f0000000180)="88e36ea5132c254c1193301a306d564646a6744fb701380c2549ee5b9311360db1d7c1bb524a6f00e2ffea13b1ed0f07ef0b967a37884d3de6a590872d", 0x3d, 0x9}], 0x1000000, &(0x7f00000019c0)={[{@data_err_ignore}, {@abort}, {@nolazytime}, {@usrjquota}, {@lazytime}], [{@fowner_lt={'fowner<', r2}}, {@obj_type={'obj_type', 0x3d, '\xd6'}}, {@euid_eq={'euid', 0x3d, r3}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]})
setresuid(r0, 0xee01, r1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0xa4)
r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)

[ 2427.335032] 9pnet: Insufficient options for proto=fd
[ 2427.355303] FAULT_INJECTION: forcing a failure.
[ 2427.355303] name failslab, interval 1, probability 0, space 0, times 0
[ 2427.357936] CPU: 0 PID: 27221 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2427.359428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2427.361214] Call Trace:
[ 2427.361797]  dump_stack+0x107/0x167
[ 2427.362574]  should_fail.cold+0x5/0xa
[ 2427.363413]  ? io_wq_create+0xeb/0xc00
[ 2427.364234]  should_failslab+0x5/0x20
[ 2427.365060]  __kmalloc+0x72/0x390
[ 2427.365809]  io_wq_create+0xeb/0xc00
[ 2427.366612]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 2427.367677]  ? io_import_iovec+0x1120/0x1120
[ 2427.368608]  ? io_apoll_task_func+0x2d0/0x2d0
[ 2427.369542]  ? __io_req_find_next+0x300/0x300
[ 2427.370499]  ? do_raw_spin_lock+0x121/0x260
[ 2427.371412]  ? rwlock_bug.part.0+0x90/0x90
[ 2427.372352]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2427.373467]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2427.374577]  ? alloc_fd+0x2e7/0x670
[ 2427.375372]  io_uring_setup+0x1fbb/0x2980
[ 2427.376263]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2427.377320]  ? wait_for_completion_io+0x270/0x270
[ 2427.378404]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2427.379547]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2427.380615]  do_syscall_64+0x33/0x40
[ 2427.381398]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2427.382490] RIP: 0033:0x7fea1df7ab19
[ 2427.383294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2427.387279] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2427.388877] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2427.390377] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2427.391869] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2427.393345] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2427.394845] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:39:40 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:39:40 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:40 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:40 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, 0x0, 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:40 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r3, r2, 0x0)
dup3(r3, r1, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f00000002c0)={0x0, 0x0, "21c060c81e933ef0099b61265ca7732e84b394e7fa5c42facae1fce9e179a93121c497483c3dcbe53b997fe9f29998be541910d2a17b05733d81029229560124a74f64c7306c4a5cc5fed70de55c4728b21db11cb845cf99b9bdb06775482dd04b3489ff1d7cc73a7d5538a2127de4b78504cd8f25b942617060a1a19f69a8df4aac07da015cb3bc6791279c6a0e0efc6dd2a0806fb87a96e05d6f83f9dca1a92511e7238456d46f4bf70216aafdcf38b1ca39efd81e76bf1dbe205fa5289fa8b5d6b2807ec4dc1d600715f575b71e36da483810f7a921285abb9deeb38c5f0d26439af1f24e4078ac79dd90e1adfe32e033550dc5eb7edeb68175bf0b83007d", "43b3cc2dc467fbad8e9506fcaf67f1f5501f9f45d5156eee1ba769985e2d86300a729899ad1e2fa74768211868493369e3c57799afdb9497929a651b9f62076a3af7d262b59e4fc2d5db779495cc2e5547065c29a8b7ed66637bb737f56e8a244e7b8d063630ce12555834677263f9a357f1b7cbcfab3474e6319535a2bc313d2b935f00e10ec07967c1a7e4eb434b955789cca79aea90023c63227b842732d6df3cecf48e0508332fe62da1f070837f70b64d3371c51536da404e5739853deea11869fd25c68394c7fc73ad88ea6c29d36b2ea40001e365380561466ab6e6aee67fdb9b6c4385309536557f829fa658f104077c57953f2091b9f575218ff0ec32d7af1ad9b159ab0a0b0a5c8bd42dd47ff32bb8e963b4ab860ed0dcf0e9349be46cd70a8dd6c26a4613e3515e590a6ee3c6fca29f4d853154e517b92ac34b26be9b94b2afdb29fe371fdfbb524500d3283bddef088461550fb1dfe3b6562df674da444d33431913c20beee5bca903721faabe88d0172cb8f4cf02668936fa42df94bd9d07682a1e6780ca5489bccc03dea799d33d621153a3bec3cb8b3ba713c6c4d3296c98c19ee799ab4b2da2d84e8e250c85ad4cb56fa87813feed25fa839ded7e87b1c6fdb849582505dd3e52cd135b5bcb6e8667253330a452f835f2462b2f1eeb0b912980cf46145eb33c56661e9ffa727bcab2082a71d7ffa49386c9dc48d877c84f9756cb8e892e27ecc9dfc5514e6f3797d2b85032abb3116186ae5244d04818f178a9213d2d06b7392145928d8dff654974b01ed273f078a2f3fc613106754e192a151201e3499a5d1859ebaa1a72683151e809bb205c98a0074486f569a2560331f0eb16ae8f4ba84b7d1613201a63a13134bb2ca34d1342da0de4b7436ca600bf742116e76aafbca0de07562e6d799b00bdb8cc9b6ab6912706fab1094e728c25e62f1a525998b990ef1923ee7be159ff25199fd1a1bab8c627ca1c2b42b57c5f0bc8dddf8661e6c8517455b94d32e53ae4e9de8dc8c20e7c7e61735b3cd92fffcfe7da15909643cb4acff8d6b9d69c9366e3f2c19885e51236a30a93897783fde2ee5813c8702812f7802a7c493cde85729719e6c2b365da6af82f4e7436ba2b9ab5c4e0349d7d8b591981e8d04afc56b1af828397bc9de708c46e29fa43ea7a09e77451f5901efae50168ae5e0a8e3abbcf077705d98a494b319ac4f324c2dc5bf41418ab30c6748738b1ad53050bafb8ffbbf39f787f4330eaed1eaef0250c78489e7e01a71db1bdd4e159e3b92c31135938cf122efbe35e7a9c09de49a29a38dd9788eeb0b6645042d8a011d2d4e234970efd09afc5af04ca5e7021befa6dc13008848d4abe2ae5d188a5fc59e23454dacb4368bc5b29a7e632f2c0b65d03a164b43217848e125b25fa46999fea82a28daaa6a0cb3e56910ea3214352973a7b008f3def3a5e34a15baf9040d52cf3a55a025600ed6aabb0e4feb22d103a96cecbbc1fc4010632edc653fabcfa9ee05fcb5916d86990c4b789386df361737c25f7c3e137d3130405a7bfe0a5c5f6f2a47bbe73f68917e7d72ed9e077ada1e4054a58369ff1a26a0f9c7f0afb8bf77b2d8ea0c72a0db674c6cb08f9c6447eb5d1f62dc2aad89ac5d6be77ed83f865d62b4bbc8ff6a49a1a12efda56a8fde34143153d826a6f4755ce08940e720f9a8ba4f4fdf4218eb7faea45ac7bf71504c5cd4a469e48b1fb42c518eb78d3c3f02f28eed35597d025cc0f9d15f44bfd1956556ac236f2255d3a31fe14a06b5bb71abb6eff1ee9a9ac950d0c2e49b926c5d1b1bde0033e5a5b2d70b4fd1e029c51bd531ad130f8a80185febd87f146bd3538bc823a88b7e7b5bc1f059d4ce5134b1e80ad5984e2d27d8494612190d4ebfa6dc73ae0e9ad1b34da94b060f1438ff5d96018b95b671ce649a70f3a485728c2d9e1fd8f87e41e9c0e6702aa231c5533147c1f301bea04cb0d633eeaf340b6b79130f16ed465a899108e47b3d844c29a2f65537ac47e47bfa28a45e772306d726ebd9f9db120149e801b7b9e386036379f104b8c425bf5b9928669cc873334ecf580b80ca924e7023f339cf2ff8003c5bdc5893ee517c8f42c2cb3369969f9d06878c76cd5fdb581e3a0f0f7f9ae772f2caf8e3ad464ee08bbb4cd08f3e90ef6f0f753f6eece9f0dfcd8e6ad401c8d08f968c0bbe9b3030960f8ce251eddfd0913ed5b9f5e7bb6d2e7578762844b28f1891387c6a34413115da252f75e034216ec8234e0710970e5d8a98ea8ba30bf6e9dfb71e080b5eb72c6e937d2a343dbca70daef56a996c55188a556a07b1d841c6833e3538f744fc94cf366b4d73356ec02e0383ff41cf037b9d3b738a7eede96165d8a08473ef66d519ac6b5a73ab73fc0272834b198924bc54a49258c37276017e97c12933b37fc76aef55b16e6021b3de969822b33fe5fc82e0573c8132baf1983218036b6db5bc80a3b96b844feb996b3f24be8bdb18ecbeaa4a0ba91cecffbb43457627997d093d27a469ff691b97341ed10a444ab43d7c448dc7a0284999ae4f547177c869af8418461a5562153d644af5e039baf45cf79e347f9e1ce2d3201c1b1372ea082e1846d7cae81657e47f3d5beb9c9a24d425cb7f263baba5dd25b8253c91ab506f3e5d8d861e1f590205adc751eda1119e27be656d54094981d8bab204e51984b50452c48e63952bdd9eb6e6b0b772a0be95191b399ea7e756cb039bd21c79974cb1af5470d93e84c5d513d74b56373d00101fab8f8372f919fd9e0849cce7fdbf2d584917db5fa0041147803f7b1d74664795818786c1a16975d1a846c30ff0cc20619f9b37ecabde00af2f5e5df50ecea10be14da7bdf2d1eea2eb6ca2f7d541810d217d128043d8d9a51e677771818ec0e71b3a6d62e31cabece2f6c9afd3ec94091d00faeef7a1953f09e6cfe7ec5cd943484e2a81bde1860839475cc8fdb7283b07db1f3b136a5fa6e96aeedaf8322d27b662a26b0922ed52eaa22a7d25d020f64aadc71b0ab55265270226928b1dfda9219f4efeaeff9e015c62922e47111b1a10533d24aa886792a0a9b04247fa3d7a8b0940f2bdcd060b111b01e8888ae3b49efb6dc016bf8a190abc692ad721e5ac3b077cc018547cf32be29a1d53aba39d39efbd301a06b8f2f891b621f0780497500af02d2623425670878467b2339ca2d304ccf581cf7d09c0fa15c68b9df7a3fc0e79215e11a6a123934db4ca186b0c5654e92baa054461fdf4f5c7b429e62365e4ef8881b2709ade521af738ec6e16a879aa9f26c1b3341f9626afac56ccfb459e33a5e08fe3ad32755485a47d0092aedc8e062b1920aac6b52275a5bc517236a0f80c2acebda51d01046bd43569c181b5dbce023d41be6d3efceeaa9224aebdead600a4a8f4a6e69eda90320f2633c376f1542c034a83f1961d968b4ebf5f99ae601ff7ca9472a62383c86050311545731f98d72d0a61e6adb526ccae4652eaca97139d3c77af55ac57b99a157f73224916c5c22e0234550993abbb7b5a08fa8de906c1f2b17b07ddbb3ad704cad925b3902bfab4da2917380a2516475cb7dc71bcb44c5cc308dbed73ad133d4d5c14c54cfde733258dec89ca8ac4ea28169be9d7e245a7935cbbbaece386e1723f3b31448f8ca2fa00ca496f9f5d7081efae2f3b4c089c935b8ad2a6276bdcc86c868d8aef83e13f030b907a53444588e1d0468a70e809bc1c1769bcf7c736b982ef49213be50473cc1c947285eaa52c750bff28cedaae2a24b526dec0cb4e9b31bfb8d9cdb249e80e9da686c6fd1b527e81ee08af45b21b73cb5e6f1b4da379b72aa8d9838a57717ded84fe8c0a8d87f787e7de28bbc48fe514112adb06fda49100a1e5a1c8efa19eb18c3ed2d787be91027137b5b5602f6ea6f737eaccd6956a5c37b2938f29856214c81ff325147f55d276a64de8f0cffb44292082b009fbeba34a41c373c665ddb535084adef8e97853918565525436416076972e26687761f64929e1e90eaa8bfe61dcdd5b8b78c23a3b6e6aa2cf097a985ea111c2fa2354f46b24bd0b75965455909921b56370b47affaee8f12a8252a65955346baf51ef46c97234763c7bba010d316121ad5a1f67ded1b2fe559f422e279bbb7248bbc4fea68e4f809de239caebd67b279839e0dfe36eca4d95f71a73f22c3b43fdadf14b0fe423c8765cd228fdc414c7af25b05822b50452480c9e8ee1f0d2c1645f09bd53a5d065fd82fd14010fc56d2b9c528bd6b29a5abd96883d9c1c70e1fdcb721803d563c8ffe41104b48db3397c262f18cc57ba6e23ac3b85a88080535629c4c8f20f8d7af352b6a8f95ffd30f66cd6b64a5ddf0feb75cb7a1cfea2604e7c1bc17a57578364988b5b042242a9807171ffef5febe4aa79a259a99cb3d22664ae85da67592f8cf810a29273c7692fa20fd6a12f6119de8e7241c94dac6f02bf8579b7fd861c26b87eec70d42a1e93b5edd91eabb7ec19892764fdf0b84293ec9550bc5e5e65e866699b8db6f92bf43859f429e296dc23f97d1c61034247eff4c06e5ac2e2ab8ca902bafe557080ccef8e47d580dc3d8482743bd5e59b4b81220509895e9a18c60419330167db77ede95b08d622808e90223813e2c1cb14086d5c1b65a464d432bc342ec453098c347c4d5010a32b15d473bf7f63dfdb56b32350d7f25fe201dfa199c084248b0ddb5da1aca71acb51fad866c7c3c456eae5976d889bec26cea17a3747a8ffc62a1eef7e8cf9201cb7b2d34f8282eeff293eeacda9a272ef157a1c8e6a799cb1c8517c37153c185059ef883c39d32523d1550b554a186493377fac43a74a141ca5487b13170f1d5fea427818f583aefa8295f5bc36f30094b68695778931cb4c43cb6616c0bf27012d6f62feb83caf89e34f592cc518e6fe0c72784f1da582c8a5b8a46fc00d43c41d3def5f5c0022c12fe2bc3647ba0a0708a93e93817d370738a5a099d3db3c4cefa8183230cebcea1423b2d8019715b31e60d9ed13ea5df9535de93d3f7a2ff20adb4d30365aff97073a25b74d44447b9172a69cad3388a78a8c638b738d06a22a1e6e207bb156e5ff5ce50b05527780c8e4e7ec77c7893182873813343b2646d46529b7d35419d1c3e5910782526cf91cabc3d8041036287b4f6e039a015cd112c1a59236eaf9e017f216452924c99343bc96213589c0662a3e3bc1afa7f7748ebd3b1650a5fc746b11543c9d7e66a0c482ddd32d17d6487af407e59b96def53f3028ff1115e5ad72a869fbf13818469e257015913c0418a9955f2fcdf489f0cc8ae4ba085b51e1cb653e1e17cd935feac5accbd0302a4154d5c08554e371e61081c09381722589ab253af156323992355611a3bff7b7d8de5c8da"})
r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r4, r0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r6, r5, 0x0)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x40}, {0xffffffffffffffff, 0x247}, {r0, 0x20}, {r5, 0x80}, {r7, 0x400}, {0xffffffffffffffff, 0x2000}], 0x6, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r9 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x802, 0x14e)
sendfile(r8, r9, 0x0, 0x100000001)

17:39:40 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:40 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',,fdno=', @ANYRESHEX=r1])

17:39:40 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, 0x0, 0x81)

[ 2427.641613] 9pnet: Insufficient options for proto=fd
17:39:57 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Ifdno=', @ANYRESHEX=r1])

17:39:57 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0)
connect$802154_dgram(r2, &(0x7f0000000040)={0x24, @none={0x0, 0x1}}, 0x14)

17:39:57 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:57 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2444.580031] 9pnet: Insufficient options for proto=fd
17:39:57 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:57 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 34)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:39:57 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, 0x0, 0x81)

17:39:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, 0x0, 0x81)

17:39:57 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2444.659022] FAULT_INJECTION: forcing a failure.
[ 2444.659022] name failslab, interval 1, probability 0, space 0, times 0
[ 2444.661007] CPU: 1 PID: 27469 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2444.662236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2444.663509] Call Trace:
[ 2444.663891]  dump_stack+0x107/0x167
[ 2444.664407]  should_fail.cold+0x5/0xa
[ 2444.664948]  ? create_object.isra.0+0x3a/0xa30
[ 2444.665594]  should_failslab+0x5/0x20
[ 2444.666143]  kmem_cache_alloc+0x5b/0x310
[ 2444.666721]  create_object.isra.0+0x3a/0xa30
[ 2444.667348]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2444.668080]  __kmalloc+0x16e/0x390
[ 2444.668599]  io_wq_create+0xeb/0xc00
[ 2444.669132]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 2444.669853]  ? io_import_iovec+0x1120/0x1120
[ 2444.670486]  ? io_apoll_task_func+0x2d0/0x2d0
[ 2444.671129]  ? __io_req_find_next+0x300/0x300
[ 2444.671757]  ? do_raw_spin_lock+0x121/0x260
[ 2444.672374]  ? rwlock_bug.part.0+0x90/0x90
[ 2444.672971]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2444.673650]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2444.674393]  ? alloc_fd+0x2e7/0x670
[ 2444.674924]  io_uring_setup+0x1fbb/0x2980
[ 2444.675514]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2444.676226]  ? wait_for_completion_io+0x270/0x270
[ 2444.676930]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2444.677666]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2444.678399]  do_syscall_64+0x33/0x40
[ 2444.678926]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2444.679657] RIP: 0033:0x7fea1df7ab19
[ 2444.680184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2444.682788] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2444.683862] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2444.684861] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2444.685878] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2444.686882] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2444.687874] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:39:58 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:58 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:39:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Qfdno=', @ANYRESHEX=r1])

17:39:58 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:39:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x81)

[ 2444.880589] 9pnet: Insufficient options for proto=fd
17:40:12 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Rfdno=', @ANYRESHEX=r1])

17:40:12 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2459.257817] 9pnet: Insufficient options for proto=fd
17:40:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x81)

17:40:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x585542, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)

17:40:12 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:12 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 35)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:40:12 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:12 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:12 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2459.300198] FAULT_INJECTION: forcing a failure.
[ 2459.300198] name failslab, interval 1, probability 0, space 0, times 0
[ 2459.303122] CPU: 1 PID: 27698 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2459.304624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.306537] Call Trace:
[ 2459.307125]  dump_stack+0x107/0x167
[ 2459.307902]  should_fail.cold+0x5/0xa
[ 2459.308716]  ? io_wq_create+0x6ef/0xc00
[ 2459.309556]  should_failslab+0x5/0x20
[ 2459.310373]  kmem_cache_alloc_node_trace+0x59/0x340
[ 2459.311436]  io_wq_create+0x6ef/0xc00
[ 2459.312254]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 2459.313327]  ? io_import_iovec+0x1120/0x1120
[ 2459.314257]  ? io_apoll_task_func+0x2d0/0x2d0
[ 2459.315206]  ? __io_req_find_next+0x300/0x300
[ 2459.316142]  ? do_raw_spin_lock+0x121/0x260
[ 2459.317053]  ? rwlock_bug.part.0+0x90/0x90
[ 2459.317958]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2459.318982]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2459.320267]  ? alloc_fd+0x2e7/0x670
[ 2459.321052]  io_uring_setup+0x1fbb/0x2980
[ 2459.321953]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2459.323020]  ? wait_for_completion_io+0x270/0x270
[ 2459.324066]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2459.325175]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2459.326276]  do_syscall_64+0x33/0x40
[ 2459.327072]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2459.328160] RIP: 0033:0x7fea1df7ab19
[ 2459.328961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2459.332851] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2459.334464] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2459.335965] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2459.337619] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2459.339126] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2459.340630] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:40:12 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
dup(r0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)

17:40:12 executing program 2:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:40:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x81)

17:40:12 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:12 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:12 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:12 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 36)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:40:12 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Sfdno=', @ANYRESHEX=r1])

17:40:12 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2459.579851] 9pnet: Insufficient options for proto=fd
[ 2459.594465] FAULT_INJECTION: forcing a failure.
[ 2459.594465] name failslab, interval 1, probability 0, space 0, times 0
[ 2459.595885] CPU: 0 PID: 27828 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2459.596681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.597579] Call Trace:
[ 2459.597901]  dump_stack+0x107/0x167
[ 2459.598319]  should_fail.cold+0x5/0xa
[ 2459.598759]  ? create_object.isra.0+0x3a/0xa30
[ 2459.599278]  should_failslab+0x5/0x20
[ 2459.599712]  kmem_cache_alloc+0x5b/0x310
[ 2459.600155]  ? io_wq_create+0x114/0xc00
[ 2459.600612]  create_object.isra.0+0x3a/0xa30
[ 2459.601110]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2459.601825]  kmem_cache_alloc_node_trace+0x16d/0x340
[ 2459.602423]  io_wq_create+0x6ef/0xc00
[ 2459.602862]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 2459.603449]  ? io_import_iovec+0x1120/0x1120
[ 2459.603954]  ? io_apoll_task_func+0x2d0/0x2d0
[ 2459.604466]  ? __io_req_find_next+0x300/0x300
[ 2459.605001]  ? do_raw_spin_lock+0x121/0x260
[ 2459.605499]  ? rwlock_bug.part.0+0x90/0x90
[ 2459.605972]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2459.606519]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2459.607118]  ? alloc_fd+0x2e7/0x670
[ 2459.607520]  io_uring_setup+0x1fbb/0x2980
[ 2459.608000]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2459.608547]  ? wait_for_completion_io+0x270/0x270
[ 2459.609116]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2459.609719]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2459.610317]  do_syscall_64+0x33/0x40
[ 2459.610751]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2459.611345] RIP: 0033:0x7fea1df7ab19
[ 2459.611768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2459.613912] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2459.614777] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2459.615593] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2459.616410] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2459.617224] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2459.618042] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:40:13 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:13 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}}, 0x81)

17:40:13 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 37)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:40:13 executing program 2:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

[ 2459.734799] FAULT_INJECTION: forcing a failure.
[ 2459.734799] name failslab, interval 1, probability 0, space 0, times 0
[ 2459.736129] CPU: 0 PID: 27941 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2459.736916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2459.737860] Call Trace:
[ 2459.738176]  dump_stack+0x107/0x167
[ 2459.738593]  should_fail.cold+0x5/0xa
[ 2459.739032]  ? __io_uring_add_tctx_node+0x15c/0x520
[ 2459.739607]  should_failslab+0x5/0x20
[ 2459.740044]  kmem_cache_alloc_trace+0x55/0x320
[ 2459.740568]  __io_uring_add_tctx_node+0x15c/0x520
[ 2459.741116]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2459.741709]  ? alloc_fd+0x2e7/0x670
[ 2459.742139]  io_uring_setup+0x1fbb/0x2980
[ 2459.742615]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2459.743192]  ? wait_for_completion_io+0x270/0x270
[ 2459.743756]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2459.744350]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2459.744936]  do_syscall_64+0x33/0x40
[ 2459.745362]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2459.745951] RIP: 0033:0x7fea1df7ab19
[ 2459.746373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2459.748461] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2459.749325] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2459.750145] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2459.750950] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2459.751754] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2459.752558] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:40:13 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="af", 0x1, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:13 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}}, 0x81)

17:40:13 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Tfdno=', @ANYRESHEX=r1])

[ 2459.865778] 9pnet: Insufficient options for proto=fd
17:40:29 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',Vfdno=', @ANYRESHEX=r1])

17:40:29 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x1)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
fsetxattr$security_evm(0xffffffffffffffff, &(0x7f0000000000), &(0x7f00000000c0)=@v1={0x2, "7a7888"}, 0x4, 0x1)
sendfile(r0, r1, 0x0, 0x100000001)

17:40:29 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:29 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}}, 0x81)

17:40:29 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 38)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:40:29 executing program 2:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

[ 2476.443242] 9pnet: Insufficient options for proto=fd
[ 2476.486532] FAULT_INJECTION: forcing a failure.
[ 2476.486532] name failslab, interval 1, probability 0, space 0, times 0
[ 2476.490200] CPU: 1 PID: 28066 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2476.491680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2476.493937] Call Trace:
[ 2476.494544]  dump_stack+0x107/0x167
[ 2476.495486]  should_fail.cold+0x5/0xa
[ 2476.496480]  ? create_object.isra.0+0x3a/0xa30
[ 2476.497655]  should_failslab+0x5/0x20
[ 2476.498656]  kmem_cache_alloc+0x5b/0x310
[ 2476.499728]  create_object.isra.0+0x3a/0xa30
[ 2476.500863]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2476.502211]  kmem_cache_alloc_trace+0x151/0x320
[ 2476.503435]  __io_uring_add_tctx_node+0x15c/0x520
[ 2476.504692]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2476.506069]  ? alloc_fd+0x2e7/0x670
[ 2476.507047]  io_uring_setup+0x1fbb/0x2980
[ 2476.508132]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2476.509450]  ? wait_for_completion_io+0x270/0x270
[ 2476.510761]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2476.512110]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2476.513446]  do_syscall_64+0x33/0x40
[ 2476.514434]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2476.515760] RIP: 0033:0x7fea1df7ab19
[ 2476.516731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2476.521468] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2476.523444] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2476.525281] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2476.527148] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2476.528993] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2476.530861] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:40:29 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:29 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x0)

17:40:29 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:29 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:30 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:30 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x0)

17:40:46 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:46 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',bfdno=', @ANYRESHEX=r1])

17:40:46 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 39)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:40:46 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file1', [{}, {}, {0x20, ']N'}, {0x20, '\\,\xc5(\x90:\'}*'}], 0xa, "1d32ce6171ec687335b0628b3a3fffbe9dc55003b4d96dddeef3f084d9a27da942da7de1bfeff0aa0333890c83a90008cddb1e6bf149b0a332a9ba2a35e9b30a301863170f832581f1db2a0d88e594b4301dd78f021ff8a7e0896440907a5e831912e123502ccc5360d36586856258d8eb86fb19f7ad7647186a1f29c7ad7e32594fddb7464cfb1c3d32bf88ef7a80aaa9fa8ef60b69d52f5ec99c3097541b0e9937648bf036bda9bce180869320ec3b83d622f60c20"}, 0xd0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)

17:40:46 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:46 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x0)

17:40:46 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0x0)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2493.233227] 9pnet: Insufficient options for proto=fd
[ 2493.281544] FAULT_INJECTION: forcing a failure.
[ 2493.281544] name failslab, interval 1, probability 0, space 0, times 0
[ 2493.285545] CPU: 1 PID: 28206 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2493.287121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2493.289132] Call Trace:
[ 2493.289807]  dump_stack+0x107/0x167
[ 2493.290700]  should_fail.cold+0x5/0xa
[ 2493.291646]  ? xas_alloc+0x336/0x440
[ 2493.292493]  should_failslab+0x5/0x20
[ 2493.293371]  kmem_cache_alloc+0x5b/0x310
[ 2493.294370]  ? stack_trace_consume_entry+0x160/0x160
[ 2493.295648]  xas_alloc+0x336/0x440
[ 2493.296516]  xas_create+0x34a/0x10d0
[ 2493.297459]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2493.298663]  xas_store+0x8c/0x1c40
[ 2493.299571]  __xa_store+0x164/0x2d0
[ 2493.300528]  ? xa_delete_node+0x280/0x280
[ 2493.301525]  ? trace_hardirqs_on+0x5b/0x180
[ 2493.302627]  xa_store+0x31/0x50
[ 2493.303376]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2493.304612]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2493.305904]  ? alloc_fd+0x2e7/0x670
[ 2493.306815]  io_uring_setup+0x1fbb/0x2980
[ 2493.307783]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2493.309031]  ? wait_for_completion_io+0x270/0x270
[ 2493.310319]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2493.311526]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2493.312731]  do_syscall_64+0x33/0x40
[ 2493.313570]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2493.314804] RIP: 0033:0x7fea1df7ab19
[ 2493.315788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2493.320243] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2493.322023] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2493.323631] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2493.325631] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2493.327369] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2493.329087] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:40:46 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:40:46 executing program 5:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:40:46 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r3, r2, 0x0)
ioctl$FITHAW(r2, 0xc0045878)
ftruncate(r1, 0x1a3)
sendfile(r0, r1, 0x0, 0x100000001)

17:40:46 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:40:46 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:01 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 40)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:41:01 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:01 executing program 5:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:41:01 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',dfdno=', @ANYRESHEX=r1])

17:41:01 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:01 executing program 3:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(0x0, 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:01 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>r0, {0x7}}, './file1\x00'})
getsockname$unix(r1, &(0x7f00000001c0), &(0x7f0000000240)=0x6e)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x100000001)
r3 = accept4$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, &(0x7f0000000040)=0xe, 0x80000)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100), &(0x7f0000000140)=0x14)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, &(0x7f00000000c0)={0x0, @aes256, 0x0, @desc4})

[ 2508.322016] 9pnet: Insufficient options for proto=fd
[ 2508.322916] FAULT_INJECTION: forcing a failure.
[ 2508.322916] name failslab, interval 1, probability 0, space 0, times 0
[ 2508.327116] CPU: 0 PID: 28336 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2508.328588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2508.330327] Call Trace:
[ 2508.330897]  dump_stack+0x107/0x167
[ 2508.331674]  should_fail.cold+0x5/0xa
[ 2508.332478]  ? ___slab_alloc+0x155/0x700
[ 2508.333336]  ? create_object.isra.0+0x3a/0xa30
[ 2508.334303]  should_failslab+0x5/0x20
[ 2508.335121]  kmem_cache_alloc+0x5b/0x310
[ 2508.335993]  create_object.isra.0+0x3a/0xa30
[ 2508.336920]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2508.337994]  kmem_cache_alloc+0x159/0x310
[ 2508.338890]  xas_alloc+0x336/0x440
[ 2508.339647]  xas_create+0x34a/0x10d0
[ 2508.340453]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2508.341561]  xas_store+0x8c/0x1c40
[ 2508.342329]  __xa_store+0x164/0x2d0
[ 2508.343111]  ? xa_delete_node+0x280/0x280
[ 2508.344006]  ? trace_hardirqs_on+0x5b/0x180
[ 2508.344949]  xa_store+0x31/0x50
[ 2508.345660]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2508.346721]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2508.347824]  ? alloc_fd+0x2e7/0x670
[ 2508.348610]  io_uring_setup+0x1fbb/0x2980
[ 2508.349501]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2508.350587]  ? wait_for_completion_io+0x270/0x270
[ 2508.351631]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2508.352743]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2508.353845]  do_syscall_64+0x33/0x40
[ 2508.354641]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2508.355730] RIP: 0033:0x7fea1df7ab19
[ 2508.356514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2508.360384] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2508.361999] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2508.363705] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2508.365201] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2508.366707] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2508.368199] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:01 executing program 5:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x122)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r1, &(0x7f0000000000)='\x00', 0x1)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r4, 0x0, 0x9)

17:41:01 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:01 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x0, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 1)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:41:01 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2508.663363] FAULT_INJECTION: forcing a failure.
[ 2508.663363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2508.665948] CPU: 1 PID: 28457 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2508.667395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2508.669120] Call Trace:
[ 2508.669675]  dump_stack+0x107/0x167
[ 2508.670445]  should_fail.cold+0x5/0xa
[ 2508.671241]  _copy_from_user+0x2e/0x1b0
[ 2508.672073]  io_uring_setup+0x9b/0x2980
[ 2508.672895]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2508.673904]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2508.674963]  ? wait_for_completion_io+0x270/0x270
[ 2508.675966]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2508.676932]  ? vfs_write+0x354/0xb10
[ 2508.677702]  ? fput_many+0x2f/0x1a0
[ 2508.678457]  ? ksys_write+0x1a9/0x260
[ 2508.679241]  ? __ia32_sys_read+0xb0/0xb0
[ 2508.680094]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2508.681181]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2508.682253]  do_syscall_64+0x33/0x40
[ 2508.683030]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2508.684090] RIP: 0033:0x7f44bdd8db19
[ 2508.684861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2508.688622] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2508.690184] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2508.691668] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2508.693135] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2508.694620] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2508.696087] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:15 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x0, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 2)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:41:15 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:15 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',gfdno=', @ANYRESHEX=r1])

17:41:15 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 41)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:41:15 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0x10)
mkdirat(r1, &(0x7f0000000040)='./file1\x00', 0x31)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x100000001)

[ 2522.081467] FAULT_INJECTION: forcing a failure.
[ 2522.081467] name failslab, interval 1, probability 0, space 0, times 0
[ 2522.084741] CPU: 0 PID: 28470 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2522.086548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2522.088702] Call Trace:
[ 2522.089387]  dump_stack+0x107/0x167
[ 2522.090338]  should_fail.cold+0x5/0xa
[ 2522.091339]  ? io_uring_setup+0x258/0x2980
[ 2522.092434]  should_failslab+0x5/0x20
[ 2522.093422]  kmem_cache_alloc_trace+0x55/0x320
[ 2522.094622]  io_uring_setup+0x258/0x2980
[ 2522.095241] FAULT_INJECTION: forcing a failure.
[ 2522.095241] name failslab, interval 1, probability 0, space 0, times 0
[ 2522.095686]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2522.095719]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2522.099728]  ? wait_for_completion_io+0x270/0x270
[ 2522.100995]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2522.102330]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2522.103659]  do_syscall_64+0x33/0x40
[ 2522.104612]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2522.105912] RIP: 0033:0x7f44bdd8db19
[ 2522.106869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2522.111580] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2522.113523] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2522.115378] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2522.117213] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2522.119048] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2522.120868] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2522.122735] CPU: 1 PID: 28469 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2522.123692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2522.124866] Call Trace:
[ 2522.125236]  dump_stack+0x107/0x167
[ 2522.125731]  should_fail.cold+0x5/0xa
[ 2522.126245]  ? xas_alloc+0x336/0x440
[ 2522.126756]  should_failslab+0x5/0x20
[ 2522.127268]  kmem_cache_alloc+0x5b/0x310
[ 2522.127827]  xas_alloc+0x336/0x440
[ 2522.128307]  xas_create+0x34a/0x10d0
[ 2522.128831]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2522.129549]  xas_store+0x8c/0x1c40
[ 2522.130048]  __xa_store+0x164/0x2d0
[ 2522.130556]  ? xa_delete_node+0x280/0x280
[ 2522.131132]  ? trace_hardirqs_on+0x5b/0x180
[ 2522.131720]  xa_store+0x31/0x50
[ 2522.132174]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2522.132837]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2522.133543]  ? alloc_fd+0x2e7/0x670
[ 2522.134049]  io_uring_setup+0x1fbb/0x2980
[ 2522.134609]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2522.135292]  ? wait_for_completion_io+0x270/0x270
[ 2522.135980]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2522.136693]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2522.137402]  do_syscall_64+0x33/0x40
[ 2522.137907]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2522.138608] RIP: 0033:0x7fea1df7ab19
[ 2522.139109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2522.141581] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2522.142600] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2522.143557] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2522.144525] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2522.145482] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2522.146435] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:15 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:15 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2522.177374] 9pnet: Insufficient options for proto=fd
17:41:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r4 = dup3(r3, r2, 0x0)
ioctl$CDROMMULTISESSION(r4, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb39e}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x2}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r5, 0x8000000)
syz_io_uring_submit(r9, r7, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r8}}, 0x80000001)
r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
open$dir(&(0x7f0000000140)='./file1\x00', 0x500, 0x10)
r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r11, r10, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd=r0, 0x4, {0x0, r4}, 0x1000, 0xa, 0x0, {0x0, r8, r11}}, 0x9)

17:41:31 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:31 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',qfdno=', @ANYRESHEX=r1])

17:41:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 42)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:41:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x0, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 3)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2537.829878] FAULT_INJECTION: forcing a failure.
[ 2537.829878] name failslab, interval 1, probability 0, space 0, times 0
[ 2537.833229] CPU: 0 PID: 28597 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2537.835330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2537.837613] Call Trace:
[ 2537.838372]  dump_stack+0x107/0x167
[ 2537.839441]  should_fail.cold+0x5/0xa
[ 2537.840519]  ? create_object.isra.0+0x3a/0xa30
[ 2537.841817]  should_failslab+0x5/0x20
[ 2537.842928]  kmem_cache_alloc+0x5b/0x310
[ 2537.844061]  create_object.isra.0+0x3a/0xa30
[ 2537.845266]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2537.846696]  kmem_cache_alloc_trace+0x151/0x320
[ 2537.848037]  io_uring_setup+0x258/0x2980
[ 2537.849176]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2537.850530]  ? __do_sys_io_uring_enter+0x1890/0x1890
17:41:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2537.851988]  ? wait_for_completion_io+0x270/0x270
[ 2537.853444]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2537.853661] 9pnet: Insufficient options for proto=fd
[ 2537.854918]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2537.854953]  do_syscall_64+0x33/0x40
[ 2537.858100]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2537.859520] RIP: 0033:0x7f44bdd8db19
[ 2537.860582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2537.864305] FAULT_INJECTION: forcing a failure.
[ 2537.864305] name failslab, interval 1, probability 0, space 0, times 0
[ 2537.865711] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2537.865739] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2537.865755] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2537.865771] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2537.865793] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2537.865814] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2537.874040] CPU: 1 PID: 28594 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2537.874980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2537.876090] Call Trace:
[ 2537.876453]  dump_stack+0x107/0x167
[ 2537.876950]  should_fail.cold+0x5/0xa
[ 2537.877468]  ? create_object.isra.0+0x3a/0xa30
[ 2537.878082]  should_failslab+0x5/0x20
[ 2537.878593]  kmem_cache_alloc+0x5b/0x310
[ 2537.879146]  ? mark_held_locks+0x9e/0xe0
[ 2537.879693]  create_object.isra.0+0x3a/0xa30
[ 2537.880281]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2537.880969]  kmem_cache_alloc+0x159/0x310
[ 2537.881532]  xas_alloc+0x336/0x440
[ 2537.882002]  xas_create+0x34a/0x10d0
[ 2537.882510]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2537.883226]  xas_store+0x8c/0x1c40
[ 2537.883699]  __xa_store+0x164/0x2d0
[ 2537.884177]  ? xa_delete_node+0x280/0x280
[ 2537.884740]  ? trace_hardirqs_on+0x5b/0x180
[ 2537.885330]  xa_store+0x31/0x50
[ 2537.885782]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2537.886431]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2537.887129]  ? alloc_fd+0x2e7/0x670
[ 2537.887627]  io_uring_setup+0x1fbb/0x2980
[ 2537.888197]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2537.888898]  ? wait_for_completion_io+0x270/0x270
[ 2537.889552]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2537.890262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2537.890951]  do_syscall_64+0x33/0x40
[ 2537.891451]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2537.892129] RIP: 0033:0x7fea1df7ab19
[ 2537.892614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2537.895105] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2537.896130] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2537.897103] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2537.898035] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2537.898987] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2537.899932] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 43)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:41:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 4)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:41:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2538.068816] FAULT_INJECTION: forcing a failure.
[ 2538.068816] name failslab, interval 1, probability 0, space 0, times 0
[ 2538.070482] CPU: 1 PID: 28696 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2538.071329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2538.072325] Call Trace:
[ 2538.072648]  dump_stack+0x107/0x167
[ 2538.073092]  should_fail.cold+0x5/0xa
[ 2538.073551]  ? xas_alloc+0x336/0x440
[ 2538.073997]  should_failslab+0x5/0x20
[ 2538.074453]  kmem_cache_alloc+0x5b/0x310
[ 2538.074949]  xas_alloc+0x336/0x440
[ 2538.075379]  xas_create+0x34a/0x10d0
[ 2538.075839]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2538.076466]  xas_store+0x8c/0x1c40
[ 2538.076902]  __xa_store+0x164/0x2d0
[ 2538.077343]  ? xa_delete_node+0x280/0x280
[ 2538.077847]  ? trace_hardirqs_on+0x5b/0x180
[ 2538.078372]  xa_store+0x31/0x50
[ 2538.078783]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2538.079361]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2538.079995]  ? alloc_fd+0x2e7/0x670
[ 2538.080440]  io_uring_setup+0x1fbb/0x2980
[ 2538.080948]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2538.081554]  ? wait_for_completion_io+0x270/0x270
[ 2538.082144]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2538.082780]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2538.083394]  do_syscall_64+0x33/0x40
[ 2538.083840]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2538.084450] RIP: 0033:0x7fea1df7ab19
[ 2538.084895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2538.087073] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2538.087973] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2538.088814] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2538.089654] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2538.090494] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2538.091342] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2538.108725] FAULT_INJECTION: forcing a failure.
[ 2538.108725] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2538.110210] CPU: 1 PID: 28723 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2538.111035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2538.112006] Call Trace:
[ 2538.112316]  dump_stack+0x107/0x167
[ 2538.112745]  should_fail.cold+0x5/0xa
[ 2538.113198]  __alloc_pages_nodemask+0x182/0x600
[ 2538.113745]  ? lock_release+0x680/0x680
[ 2538.114216]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2538.114931]  ? lock_downgrade+0x6d0/0x6d0
[ 2538.115423]  alloc_pages_current+0x187/0x280
[ 2538.115941]  kmalloc_order+0x35/0x160
[ 2538.116394]  kmalloc_order_trace+0x14/0xa0
[ 2538.116888]  io_uring_setup+0x33c/0x2980
[ 2538.117364]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2538.117930]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2538.118523]  ? wait_for_completion_io+0x270/0x270
[ 2538.119111]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2538.119727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2538.120333]  do_syscall_64+0x33/0x40
[ 2538.120772]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2538.121377] RIP: 0033:0x7f44bdd8db19
[ 2538.121815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2538.123973] RSP: 002b:00007f44bb2e2108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2538.124856] RAX: ffffffffffffffda RBX: 00007f44bdea1020 RCX: 00007f44bdd8db19
[ 2538.125694] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2538.126528] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2538.127371] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2538.128205] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2538.183407] 9pnet: Insufficient options for proto=fd
17:41:31 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:31 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',sfdno=', @ANYRESHEX=r1])

17:41:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:31 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',ufdno=', @ANYRESHEX=r1])

17:41:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 5)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:41:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)

17:41:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 44)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2538.392395] FAULT_INJECTION: forcing a failure.
[ 2538.392395] name failslab, interval 1, probability 0, space 0, times 0
[ 2538.393758] CPU: 1 PID: 28840 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2538.394549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2538.395506] Call Trace:
[ 2538.395817]  dump_stack+0x107/0x167
[ 2538.396234]  should_fail.cold+0x5/0xa
[ 2538.396672]  ? create_object.isra.0+0x3a/0xa30
[ 2538.397194]  should_failslab+0x5/0x20
[ 2538.397632]  kmem_cache_alloc+0x5b/0x310
[ 2538.398099]  create_object.isra.0+0x3a/0xa30
[ 2538.398603]  ? kasan_unpoison_shadow+0x33/0x50
[ 2538.399133]  kmalloc_order+0xfe/0x160
[ 2538.399570]  kmalloc_order_trace+0x14/0xa0
[ 2538.400060]  io_uring_setup+0x33c/0x2980
[ 2538.400528]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2538.401087]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2538.401663]  ? wait_for_completion_io+0x270/0x270
[ 2538.402230]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2538.402849]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2538.403444]  do_syscall_64+0x33/0x40
[ 2538.403869]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2538.404450] RIP: 0033:0x7f44bdd8db19
[ 2538.404879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2538.406995] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2538.407860] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2538.408675] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2538.409484] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2538.410296] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2538.411120] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2538.420820] 9pnet: Insufficient options for proto=fd
[ 2538.496518] FAULT_INJECTION: forcing a failure.
[ 2538.496518] name failslab, interval 1, probability 0, space 0, times 0
[ 2538.499399] CPU: 0 PID: 28847 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2538.501047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2538.502890] Call Trace:
[ 2538.503510]  dump_stack+0x107/0x167
[ 2538.504376]  should_fail.cold+0x5/0xa
[ 2538.505235]  ? create_object.isra.0+0x3a/0xa30
[ 2538.506306]  should_failslab+0x5/0x20
[ 2538.507146]  kmem_cache_alloc+0x5b/0x310
[ 2538.508109]  ? mark_held_locks+0x9e/0xe0
[ 2538.509038]  create_object.isra.0+0x3a/0xa30
[ 2538.510024]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2538.511215]  kmem_cache_alloc+0x159/0x310
[ 2538.512122]  xas_alloc+0x336/0x440
[ 2538.512919]  xas_create+0x34a/0x10d0
[ 2538.513793]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2538.514970]  xas_store+0x8c/0x1c40
[ 2538.515811]  __xa_store+0x164/0x2d0
[ 2538.516638]  ? xa_delete_node+0x280/0x280
[ 2538.517575]  ? trace_hardirqs_on+0x5b/0x180
[ 2538.518588]  xa_store+0x31/0x50
[ 2538.519342]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2538.520395]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2538.521630]  ? alloc_fd+0x2e7/0x670
[ 2538.522433]  io_uring_setup+0x1fbb/0x2980
[ 2538.523409]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2538.524534]  ? wait_for_completion_io+0x270/0x270
[ 2538.525590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2538.526794]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2538.527935]  do_syscall_64+0x33/0x40
[ 2538.528817]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2538.529973] RIP: 0033:0x7fea1df7ab19
[ 2538.530774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2538.534856] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2538.536538] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2538.538079] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2538.539665] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2538.541225] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2538.542766] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:50 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
symlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file1\x00')
sendfile(r0, r1, 0x0, 0x100000001)

17:41:50 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:41:50 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:50 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:41:50 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',w\"dno=', @ANYRESHEX=r1])

17:41:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 6)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:41:50 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 45)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2556.851399] FAULT_INJECTION: forcing a failure.
[ 2556.851399] name failslab, interval 1, probability 0, space 0, times 0
[ 2556.854353] CPU: 0 PID: 28959 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2556.856139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2556.858271] Call Trace:
[ 2556.858962]  dump_stack+0x107/0x167
[ 2556.860056]  should_fail.cold+0x5/0xa
[ 2556.861052]  ? io_uring_setup+0x40b/0x2980
[ 2556.862143]  should_failslab+0x5/0x20
[ 2556.863133]  kmem_cache_alloc_trace+0x55/0x320
[ 2556.864328]  io_uring_setup+0x40b/0x2980
[ 2556.865380]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2556.866627]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2556.867908]  ? wait_for_completion_io+0x270/0x270
[ 2556.869198]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2556.869471] FAULT_INJECTION: forcing a failure.
[ 2556.869471] name failslab, interval 1, probability 0, space 0, times 0
[ 2556.870554]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2556.870585]  do_syscall_64+0x33/0x40
[ 2556.870610]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2556.870625] RIP: 0033:0x7f44bdd8db19
[ 2556.870647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2556.870661] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2556.870686] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2556.870704] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2556.886772] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2556.888650] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2556.890486] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2556.892387] CPU: 1 PID: 28969 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2556.893215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2556.894165] Call Trace:
[ 2556.894466]  dump_stack+0x107/0x167
[ 2556.894898]  should_fail.cold+0x5/0xa
[ 2556.895344]  ? xas_alloc+0x336/0x440
[ 2556.895773]  should_failslab+0x5/0x20
[ 2556.896209]  kmem_cache_alloc+0x5b/0x310
[ 2556.896678]  xas_alloc+0x336/0x440
[ 2556.897091]  xas_create+0x34a/0x10d0
[ 2556.897527]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2556.898139]  xas_store+0x8c/0x1c40
[ 2556.898570]  __xa_store+0x164/0x2d0
[ 2556.899021]  ? xa_delete_node+0x280/0x280
[ 2556.899500]  ? trace_hardirqs_on+0x5b/0x180
[ 2556.900005]  xa_store+0x31/0x50
[ 2556.900385]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2556.900941]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2556.901555]  ? alloc_fd+0x2e7/0x670
[ 2556.901986]  io_uring_setup+0x1fbb/0x2980
[ 2556.902469]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2556.903061]  ? wait_for_completion_io+0x270/0x270
[ 2556.903638]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2556.904242]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2556.904829]  do_syscall_64+0x33/0x40
[ 2556.905250]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2556.905837] RIP: 0033:0x7fea1df7ab19
[ 2556.906262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2556.908358] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2556.908619] 9pnet: Insufficient options for proto=fd
[ 2556.909232] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2556.909248] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2556.912080] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2556.912900] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2556.913731] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:41:50 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:09 executing program 1:
r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000a00)=<r2=>0x0)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/icmp6\x00')
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0xe8700)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000340)=ANY=[@ANYBLOB="018c5b23a5733daee0a3ffffffffff29f58578f0b2b9b01500"/35, @ANYRES32=r5, @ANYBLOB="47050000000000002e2f66696c653000"])
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000006, 0x50, r0, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000140)=@IORING_OP_STATX={0x15, 0x0, 0x0, r0, &(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x800, 0x1}, 0x8001)
sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001)

17:42:09 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:09 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',w,dno=', @ANYRESHEX=r1])

17:42:09 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:09 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 46)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 7)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:09 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2576.276376] FAULT_INJECTION: forcing a failure.
[ 2576.276376] name failslab, interval 1, probability 0, space 0, times 0
[ 2576.279209] CPU: 1 PID: 29097 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2576.280842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2576.282855] Call Trace:
[ 2576.283421]  dump_stack+0x107/0x167
[ 2576.284199]  should_fail.cold+0x5/0xa
[ 2576.285012]  ? create_object.isra.0+0x3a/0xa30
[ 2576.285988]  should_failslab+0x5/0x20
[ 2576.286781]  kmem_cache_alloc+0x5b/0x310
[ 2576.287648]  create_object.isra.0+0x3a/0xa30
[ 2576.288584]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2576.289664]  kmem_cache_alloc_trace+0x151/0x320
[ 2576.290649]  io_uring_setup+0x40b/0x2980
[ 2576.291522]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2576.292559]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2576.293644]  ? wait_for_completion_io+0x270/0x270
[ 2576.294286] FAULT_INJECTION: forcing a failure.
[ 2576.294286] name failslab, interval 1, probability 0, space 0, times 0
[ 2576.294708]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2576.297331]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2576.298437]  do_syscall_64+0x33/0x40
[ 2576.299247]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2576.300329] RIP: 0033:0x7f44bdd8db19
[ 2576.301117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2576.305069] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2576.306685] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2576.308213] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2576.309731] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2576.311256] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2576.312760] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2576.314278] CPU: 0 PID: 29089 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2576.315246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2576.316456] Call Trace:
[ 2576.316843]  dump_stack+0x107/0x167
[ 2576.317332]  should_fail.cold+0x5/0xa
[ 2576.317889]  ? ___slab_alloc+0x155/0x700
[ 2576.318486]  ? create_object.isra.0+0x3a/0xa30
[ 2576.319160]  should_failslab+0x5/0x20
[ 2576.319709]  kmem_cache_alloc+0x5b/0x310
[ 2576.320299]  create_object.isra.0+0x3a/0xa30
[ 2576.320927]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2576.321668]  kmem_cache_alloc+0x159/0x310
[ 2576.322272]  xas_alloc+0x336/0x440
[ 2576.322789]  xas_create+0x34a/0x10d0
[ 2576.323343]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2576.324106]  xas_store+0x8c/0x1c40
[ 2576.324630]  __xa_store+0x164/0x2d0
[ 2576.325162]  ? xa_delete_node+0x280/0x280
[ 2576.325770]  xa_store+0x31/0x50
[ 2576.326242]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2576.326936]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2576.327692]  ? alloc_fd+0x2e7/0x670
[ 2576.328222]  io_uring_setup+0x1fbb/0x2980
[ 2576.328829]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2576.329555]  ? wait_for_completion_io+0x270/0x270
[ 2576.330263]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2576.330629] 9pnet: Insufficient options for proto=fd
[ 2576.331010]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2576.331030]  do_syscall_64+0x33/0x40
[ 2576.333484]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2576.334214] RIP: 0033:0x7fea1df7ab19
[ 2576.334747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2576.337385] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2576.338431] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2576.339460] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2576.340469] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2576.341492] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2576.342506] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 8)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:09 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000001)

17:42:09 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:09 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:09 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',w.dno=', @ANYRESHEX=r1])

17:42:09 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 47)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2576.551194] FAULT_INJECTION: forcing a failure.
[ 2576.551194] name failslab, interval 1, probability 0, space 0, times 0
[ 2576.553893] CPU: 1 PID: 29217 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2576.555458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2576.557279] Call Trace:
[ 2576.557867]  dump_stack+0x107/0x167
[ 2576.558670]  should_fail.cold+0x5/0xa
[ 2576.559706]  ? create_object.isra.0+0x3a/0xa30
[ 2576.560711]  should_failslab+0x5/0x20
[ 2576.561549]  kmem_cache_alloc+0x5b/0x310
[ 2576.562449]  create_object.isra.0+0x3a/0xa30
[ 2576.563447]  kmemleak_alloc_percpu+0xa0/0x100
[ 2576.564469]  pcpu_alloc+0x4e2/0x1240
[ 2576.565357]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2576.566270]  percpu_ref_init+0x31/0x3d0
[ 2576.567185]  io_uring_setup+0x47a/0x2980
[ 2576.568232]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2576.569296]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2576.570427]  ? wait_for_completion_io+0x270/0x270
[ 2576.571550]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2576.572705]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2576.573858]  do_syscall_64+0x33/0x40
[ 2576.574685]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2576.575834] RIP: 0033:0x7f44bdd8db19
[ 2576.576660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2576.580732] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2576.582403] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2576.583968] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2576.585342] FAULT_INJECTION: forcing a failure.
[ 2576.585342] name failslab, interval 1, probability 0, space 0, times 0
[ 2576.585524] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2576.588492] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2576.590053] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2576.591685] CPU: 0 PID: 29219 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2576.592592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2576.593665] Call Trace:
[ 2576.594009]  dump_stack+0x107/0x167
[ 2576.594481]  should_fail.cold+0x5/0xa
[ 2576.594974]  ? xas_alloc+0x336/0x440
[ 2576.595467]  should_failslab+0x5/0x20
[ 2576.595965]  kmem_cache_alloc+0x5b/0x310
[ 2576.596492]  xas_alloc+0x336/0x440
[ 2576.596956]  xas_create+0x34a/0x10d0
[ 2576.597447]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2576.598099]  xas_store+0x8c/0x1c40
[ 2576.598573]  __xa_store+0x164/0x2d0
[ 2576.599042]  ? xa_delete_node+0x280/0x280
[ 2576.599567]  ? trace_hardirqs_on+0x5b/0x180
[ 2576.600131]  xa_store+0x31/0x50
[ 2576.600558]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2576.601185]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2576.601859]  ? alloc_fd+0x2e7/0x670
[ 2576.602333]  io_uring_setup+0x1fbb/0x2980
[ 2576.602877]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2576.603538]  ? wait_for_completion_io+0x270/0x270
[ 2576.604159]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2576.604833]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2576.605501]  do_syscall_64+0x33/0x40
[ 2576.605978]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2576.606633] RIP: 0033:0x7fea1df7ab19
[ 2576.607099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2576.609347] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2576.610324] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2576.611250] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2576.612159] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2576.613066] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2576.613976] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x402c01, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r4, r3, 0x0)
syz_io_uring_setup(0x7, &(0x7f0000000340)={0x0, 0x8a07}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000400)=<r5=>0x0, &(0x7f00000003c0)=<r6=>0x0)
r7 = open(&(0x7f00000001c0)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, 0x0}, 0x0)
r8 = syz_io_uring_setup(0x7d06, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x0, 0x1000000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000a00)=<r10=>0x0)
r11 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r11, 0x0, 0x0}, 0x0)
r12 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0)
syz_io_uring_submit(r12, r10, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r13 = memfd_create(&(0x7f00000000c0)='-y),\x00', 0x4)
r14 = signalfd(r2, &(0x7f0000000100)={[0x1]}, 0x8)
syz_io_uring_submit(r5, r10, &(0x7f0000000140)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd=r13, 0x4, {0x0, r14}, 0x9, 0xa, 0x0, {0x0, 0x0, r3}}, 0xa6)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000040)={0x100000010})
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000008, 0x4000010, r2, 0x2a84f000)

[ 2576.631472] 9pnet: Insufficient options for proto=fd
17:42:09 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x9)

17:42:10 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:10 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:10 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x9)

17:42:25 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000000))

17:42:25 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',w/dno=', @ANYRESHEX=r1])

17:42:25 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, 0x0, 0x9)

17:42:25 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 9)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:25 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:25 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 48)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:25 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, 0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2592.392545] FAULT_INJECTION: forcing a failure.
[ 2592.392545] name failslab, interval 1, probability 0, space 0, times 0
[ 2592.394165] CPU: 1 PID: 29350 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2592.395119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2592.396261] Call Trace:
[ 2592.396629]  dump_stack+0x107/0x167
[ 2592.397129]  should_fail.cold+0x5/0xa
[ 2592.397654]  ? create_object.isra.0+0x3a/0xa30
[ 2592.398288]  should_failslab+0x5/0x20
[ 2592.398806]  kmem_cache_alloc+0x5b/0x310
[ 2592.399374]  create_object.isra.0+0x3a/0xa30
[ 2592.399992]  kmemleak_alloc_percpu+0xa0/0x100
[ 2592.400608]  pcpu_alloc+0x4e2/0x1240
[ 2592.401131]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2592.401685]  percpu_ref_init+0x31/0x3d0
[ 2592.402231]  io_uring_setup+0x47a/0x2980
[ 2592.402785]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2592.403461]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2592.404155]  ? wait_for_completion_io+0x270/0x270
[ 2592.404842]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2592.405558]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2592.406265]  do_syscall_64+0x33/0x40
[ 2592.406782]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2592.407491] RIP: 0033:0x7f44bdd8db19
[ 2592.408012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2592.410511] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2592.411556] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2592.412532] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2592.412740] 9pnet: Insufficient options for proto=fd
[ 2592.413508] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2592.413528] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2592.416576] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:25 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:25 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2592.518220] FAULT_INJECTION: forcing a failure.
[ 2592.518220] name failslab, interval 1, probability 0, space 0, times 0
[ 2592.521004] CPU: 0 PID: 29353 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2592.522497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2592.524297] Call Trace:
[ 2592.524882]  dump_stack+0x107/0x167
[ 2592.525667]  should_fail.cold+0x5/0xa
[ 2592.526486]  ? create_object.isra.0+0x3a/0xa30
[ 2592.527483]  should_failslab+0x5/0x20
[ 2592.528313]  kmem_cache_alloc+0x5b/0x310
[ 2592.529191]  ? mark_held_locks+0x9e/0xe0
[ 2592.530072]  create_object.isra.0+0x3a/0xa30
[ 2592.531009]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2592.532122]  kmem_cache_alloc+0x159/0x310
[ 2592.533025]  xas_alloc+0x336/0x440
[ 2592.533798]  xas_create+0x34a/0x10d0
[ 2592.534618]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2592.535767]  xas_store+0x8c/0x1c40
[ 2592.536551]  __xa_store+0x164/0x2d0
[ 2592.537327]  ? xa_delete_node+0x280/0x280
[ 2592.538226]  ? trace_hardirqs_on+0x5b/0x180
[ 2592.539162]  xa_store+0x31/0x50
[ 2592.539907]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2592.540933]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2592.542058]  ? alloc_fd+0x2e7/0x670
[ 2592.542860]  io_uring_setup+0x1fbb/0x2980
[ 2592.543789]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2592.544882]  ? wait_for_completion_io+0x270/0x270
[ 2592.546094]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2592.548341]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2592.549455]  do_syscall_64+0x33/0x40
[ 2592.550230]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2592.551310] RIP: 0033:0x7fea1df7ab19
[ 2592.552085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2592.555907] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2592.557487] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
17:42:25 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2592.558963] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2592.560637] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2592.562130] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2592.563639] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:25 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 10)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2592.719411] FAULT_INJECTION: forcing a failure.
[ 2592.719411] name failslab, interval 1, probability 0, space 0, times 0
[ 2592.720852] CPU: 1 PID: 29471 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2592.721673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2592.722654] Call Trace:
[ 2592.722971]  dump_stack+0x107/0x167
[ 2592.723416]  should_fail.cold+0x5/0xa
[ 2592.723876]  ? percpu_ref_init+0xd8/0x3d0
[ 2592.724368]  should_failslab+0x5/0x20
[ 2592.724817]  kmem_cache_alloc_trace+0x55/0x320
[ 2592.725366]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2592.725847]  percpu_ref_init+0xd8/0x3d0
[ 2592.726325]  io_uring_setup+0x47a/0x2980
[ 2592.726813]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2592.727396]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2592.727998]  ? wait_for_completion_io+0x270/0x270
[ 2592.728587]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2592.729230]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2592.729852]  do_syscall_64+0x33/0x40
[ 2592.730293]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2592.730897] RIP: 0033:0x7f44bdd8db19
[ 2592.731343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2592.733514] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2592.734414] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2592.735262] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2592.736105] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2592.736946] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2592.737790] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2607.678940] FAULT_INJECTION: forcing a failure.
[ 2607.678940] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.680749] CPU: 0 PID: 29476 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2607.681703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.682833] Call Trace:
[ 2607.683200]  dump_stack+0x107/0x167
[ 2607.683712]  should_fail.cold+0x5/0xa
[ 2607.684238]  ? xas_alloc+0x336/0x440
[ 2607.684750]  should_failslab+0x5/0x20
[ 2607.685294]  kmem_cache_alloc+0x5b/0x310
[ 2607.685861]  xas_alloc+0x336/0x440
[ 2607.686370]  xas_create+0x34a/0x10d0
[ 2607.686892]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2607.687660]  xas_store+0x8c/0x1c40
[ 2607.688161]  __xa_store+0x164/0x2d0
[ 2607.688688]  ? xa_delete_node+0x280/0x280
[ 2607.689284]  ? trace_hardirqs_on+0x5b/0x180
[ 2607.689909]  xa_store+0x31/0x50
[ 2607.690382]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2607.691070]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2607.691857]  ? alloc_fd+0x2e7/0x670
[ 2607.692439]  io_uring_setup+0x1fbb/0x2980
[ 2607.693096]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2607.693878]  ? wait_for_completion_io+0x270/0x270
[ 2607.694648]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2607.695493]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2607.696426]  do_syscall_64+0x33/0x40
[ 2607.697058]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2607.697786] RIP: 0033:0x7fea1df7ab19
[ 2607.698311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2607.700941] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2607.701976] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2607.702940] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2607.703912] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2607.704878] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2607.705865] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:41 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 49)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:41 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:41 executing program 1:
r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
openat(r1, &(0x7f0000000000)='./file1\x00', 0x200000, 0x50)
sendfile(r0, r1, 0x0, 0x100000001)

17:42:41 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:41 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wf\"no=', @ANYRESHEX=r1])

17:42:41 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:41 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 11)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2607.714486] FAULT_INJECTION: forcing a failure.
[ 2607.714486] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.717247] CPU: 1 PID: 29478 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2607.718932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.720960] Call Trace:
[ 2607.721610]  dump_stack+0x107/0x167
[ 2607.722507]  should_fail.cold+0x5/0xa
[ 2607.723482]  ? create_object.isra.0+0x3a/0xa30
[ 2607.724688]  should_failslab+0x5/0x20
[ 2607.725619]  kmem_cache_alloc+0x5b/0x310
[ 2607.726611]  create_object.isra.0+0x3a/0xa30
[ 2607.727686]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2607.728931]  kmem_cache_alloc_trace+0x151/0x320
[ 2607.730192]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2607.731174]  percpu_ref_init+0xd8/0x3d0
[ 2607.732155]  io_uring_setup+0x47a/0x2980
[ 2607.733137]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2607.734307]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2607.735539]  ? wait_for_completion_io+0x270/0x270
[ 2607.736739]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2607.738007]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2607.739258]  do_syscall_64+0x33/0x40
[ 2607.740166]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2607.741404] RIP: 0033:0x7f44bdd8db19
[ 2607.742301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2607.746720] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2607.748549] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2607.750411] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2607.752134] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2607.753852] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2607.755563] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:41 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:41 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2607.790951] 9pnet: Insufficient options for proto=fd
17:42:41 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 50)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 12)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:41 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2607.870940] FAULT_INJECTION: forcing a failure.
[ 2607.870940] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2607.872566] CPU: 0 PID: 29551 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2607.873470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.874562] Call Trace:
[ 2607.874910]  dump_stack+0x107/0x167
[ 2607.875394]  should_fail.cold+0x5/0xa
[ 2607.875901]  __alloc_pages_nodemask+0x182/0x600
[ 2607.876518]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2607.877304]  ? cap_capable+0x1cd/0x230
[ 2607.877814]  alloc_pages_current+0x187/0x280
[ 2607.878391]  __get_free_pages+0xc/0xa0
[ 2607.878896]  io_uring_setup+0xe27/0x2980
[ 2607.879432]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2607.880092]  ? wait_for_completion_io+0x270/0x270
[ 2607.880732]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2607.881413]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2607.882087]  do_syscall_64+0x33/0x40
[ 2607.882571]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2607.883231] RIP: 0033:0x7f44bdd8db19
[ 2607.883719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2607.886114] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2607.887108] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2607.888042] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2607.888974] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2607.889915] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2607.890850] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:41 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r3 = dup3(r2, 0xffffffffffffffff, 0x0)
ioctl$CDROMMULTISESSION(r3, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
openat(r3, &(0x7f0000000000)='./file1\x00', 0x4081, 0x9)
sendfile(r0, r1, 0x0, 0x100020001)

17:42:41 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x0, &(0x7f0000000400)})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2607.907728] FAULT_INJECTION: forcing a failure.
[ 2607.907728] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.909325] CPU: 0 PID: 29570 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2607.910209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2607.911294] Call Trace:
[ 2607.911651]  dump_stack+0x107/0x167
[ 2607.912120]  should_fail.cold+0x5/0xa
[ 2607.912616]  ? ___slab_alloc+0x360/0x700
[ 2607.913133]  ? create_object.isra.0+0x3a/0xa30
[ 2607.913728]  should_failslab+0x5/0x20
[ 2607.914227]  kmem_cache_alloc+0x5b/0x310
[ 2607.914759]  create_object.isra.0+0x3a/0xa30
[ 2607.915317]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2607.915974]  kmem_cache_alloc+0x159/0x310
[ 2607.916511]  xas_alloc+0x336/0x440
[ 2607.916966]  xas_create+0x34a/0x10d0
[ 2607.917456]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2607.918134]  xas_store+0x8c/0x1c40
[ 2607.918601]  __xa_store+0x164/0x2d0
[ 2607.919069]  ? xa_delete_node+0x280/0x280
[ 2607.919612]  ? trace_hardirqs_on+0x5b/0x180
[ 2607.920162]  xa_store+0x31/0x50
[ 2607.920586]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2607.921204]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2607.921873]  ? alloc_fd+0x2e7/0x670
[ 2607.922347]  io_uring_setup+0x1fbb/0x2980
[ 2607.922880]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2607.923541]  ? wait_for_completion_io+0x270/0x270
[ 2607.924172]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2607.924840]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2607.925505]  do_syscall_64+0x33/0x40
[ 2607.925976]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2607.926623] RIP: 0033:0x7fea1df7ab19
[ 2607.927097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2607.929429] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2607.930397] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2607.931302] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2607.932340] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2607.933275] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2607.934183] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:41 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:41 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4}, 0x9)

17:42:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/51, 0x33)
sendfile(r0, r1, 0x0, 0x100000001)

17:42:58 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 51)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wf,no=', @ANYRESHEX=r1])

17:42:58 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4}, 0x9)

17:42:58 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:58 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 13)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:58 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2624.773374] 9pnet: Insufficient options for proto=fd
[ 2624.790043] FAULT_INJECTION: forcing a failure.
[ 2624.790043] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2624.793034] CPU: 1 PID: 29633 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2624.794782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2624.797087] Call Trace:
[ 2624.797706]  dump_stack+0x107/0x167
[ 2624.798554]  should_fail.cold+0x5/0xa
[ 2624.799444]  __alloc_pages_nodemask+0x182/0x600
[ 2624.800531]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2624.801927]  ? cap_capable+0x1cd/0x230
[ 2624.802839]  alloc_pages_current+0x187/0x280
[ 2624.803867]  __get_free_pages+0xc/0xa0
[ 2624.804765]  io_uring_setup+0xf9a/0x2980
[ 2624.805719]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2624.806880]  ? wait_for_completion_io+0x270/0x270
[ 2624.808021]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2624.809259]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2624.810421]  do_syscall_64+0x33/0x40
[ 2624.811285]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2624.812451] RIP: 0033:0x7f44bdd8db19
[ 2624.813300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2624.817516] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2624.819238] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2624.820883] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2624.822466] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2624.824102] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2624.825690] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 14)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2624.901942] FAULT_INJECTION: forcing a failure.
[ 2624.901942] name failslab, interval 1, probability 0, space 0, times 0
[ 2624.904861] CPU: 0 PID: 29655 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2624.906627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2624.909167] Call Trace:
[ 2624.909845]  dump_stack+0x107/0x167
[ 2624.910976]  should_fail.cold+0x5/0xa
[ 2624.911957]  ? io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2624.913676]  should_failslab+0x5/0x20
[ 2624.914646]  kmem_cache_alloc_trace+0x55/0x320
[ 2624.916102]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2624.917504]  io_uring_setup+0x14f6/0x2980
[ 2624.918891]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2624.920176]  ? wait_for_completion_io+0x270/0x270
[ 2624.920841] FAULT_INJECTION: forcing a failure.
[ 2624.920841] name failslab, interval 1, probability 0, space 0, times 0
[ 2624.921698]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2624.921736]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2624.927124]  do_syscall_64+0x33/0x40
[ 2624.928093]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2624.929703] RIP: 0033:0x7f44bdd8db19
[ 2624.930668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2624.936383] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2624.938305] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2624.940140] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2624.941925] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2624.943729] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2624.945528] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2624.947359] CPU: 1 PID: 29634 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2624.949008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2624.950861] Call Trace:
[ 2624.951472]  dump_stack+0x107/0x167
[ 2624.952308]  should_fail.cold+0x5/0xa
[ 2624.953165]  ? xas_alloc+0x336/0x440
[ 2624.954003]  should_failslab+0x5/0x20
[ 2624.954858]  kmem_cache_alloc+0x5b/0x310
[ 2624.955797]  xas_alloc+0x336/0x440
[ 2624.956597]  xas_create+0x34a/0x10d0
[ 2624.957448]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2624.958621]  xas_store+0x8c/0x1c40
[ 2624.959447]  __xa_store+0x164/0x2d0
[ 2624.960280]  ? xa_delete_node+0x280/0x280
[ 2624.961226]  ? trace_hardirqs_on+0x5b/0x180
[ 2624.962203]  xa_store+0x31/0x50
[ 2624.962951]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2624.964062]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2624.965234]  ? alloc_fd+0x2e7/0x670
[ 2624.966071]  io_uring_setup+0x1fbb/0x2980
[ 2624.967014]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2624.968160]  ? wait_for_completion_io+0x270/0x270
[ 2624.969276]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2624.970470]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2624.971637]  do_syscall_64+0x33/0x40
[ 2624.972477]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2624.973632] RIP: 0033:0x7fea1df7ab19
[ 2624.974479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2624.978619] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2624.980343] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2624.981976] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2624.983590] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2624.985202] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2624.986808] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:58 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfIno=', @ANYRESHEX=r1])

17:42:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 15)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:58 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:58 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4}, 0x9)

17:42:58 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2625.247108] 9pnet: Insufficient options for proto=fd
[ 2625.251562] FAULT_INJECTION: forcing a failure.
[ 2625.251562] name failslab, interval 1, probability 0, space 0, times 0
[ 2625.254748] CPU: 1 PID: 29750 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2625.256323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2625.258168] Call Trace:
[ 2625.258757]  dump_stack+0x107/0x167
[ 2625.259587]  should_fail.cold+0x5/0xa
[ 2625.260439]  ? create_object.isra.0+0x3a/0xa30
[ 2625.261451]  should_failslab+0x5/0x20
[ 2625.262303]  kmem_cache_alloc+0x5b/0x310
[ 2625.263208]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2625.264549]  create_object.isra.0+0x3a/0xa30
[ 2625.265520]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2625.266657]  kmem_cache_alloc_trace+0x151/0x320
[ 2625.267710]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2625.268906]  io_uring_setup+0x14f6/0x2980
[ 2625.269831]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2625.270955]  ? wait_for_completion_io+0x270/0x270
[ 2625.272064]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2625.273220]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2625.274365]  do_syscall_64+0x33/0x40
[ 2625.275195]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2625.276349] RIP: 0033:0x7f44bdd8db19
[ 2625.277173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2625.281255] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2625.282933] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2625.284807] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2625.286558] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2625.288148] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2625.289723] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:42:58 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x0, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:42:58 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 52)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:42:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x4a)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
recvmsg(r1, &(0x7f00000004c0)={&(0x7f0000000000)=@ax25={{0x3, @netrom}, [@netrom, @remote, @netrom, @default, @remote, @netrom, @netrom, @bcast]}, 0x80, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/200, 0xc8}, {&(0x7f00000001c0)=""/158, 0x9e}, {&(0x7f00000002c0)=""/179, 0xb3}], 0x3, &(0x7f00000003c0)=""/205, 0xcd}, 0x2000)
sendfile(r0, r1, 0x0, 0x100000001)

17:42:58 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x0)

17:42:58 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:42:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 16)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:42:58 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2625.488345] FAULT_INJECTION: forcing a failure.
[ 2625.488345] name failslab, interval 1, probability 0, space 0, times 0
[ 2625.491509] CPU: 0 PID: 29850 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2625.493432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2625.495911] Call Trace:
[ 2625.496646]  dump_stack+0x107/0x167
[ 2625.497652]  should_fail.cold+0x5/0xa
[ 2625.498685]  ? create_object.isra.0+0x3a/0xa30
[ 2625.499939]  should_failslab+0x5/0x20
[ 2625.501010]  kmem_cache_alloc+0x5b/0x310
[ 2625.502133]  ? mark_held_locks+0x9e/0xe0
[ 2625.503269]  create_object.isra.0+0x3a/0xa30
[ 2625.504476]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2625.505882]  kmem_cache_alloc+0x159/0x310
[ 2625.507036]  xas_alloc+0x336/0x440
[ 2625.507927]  xas_create+0x34a/0x10d0
[ 2625.508959]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2625.510134]  xas_store+0x8c/0x1c40
[ 2625.511148]  __xa_store+0x164/0x2d0
[ 2625.511979]  ? xa_delete_node+0x280/0x280
[ 2625.513114]  ? trace_hardirqs_on+0x5b/0x180
[ 2625.514315]  xa_store+0x31/0x50
[ 2625.515230]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2625.516563]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2625.517964]  ? alloc_fd+0x2e7/0x670
[ 2625.518984]  io_uring_setup+0x1fbb/0x2980
[ 2625.520128]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2625.521245]  ? wait_for_completion_io+0x270/0x270
[ 2625.522336]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2625.523498]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2625.524661]  do_syscall_64+0x33/0x40
[ 2625.525470]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2625.526583] RIP: 0033:0x7fea1df7ab19
[ 2625.527389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2625.531400] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2625.533065] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2625.534602] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2625.536153] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2625.537686] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2625.539208] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2625.601411] FAULT_INJECTION: forcing a failure.
[ 2625.601411] name failslab, interval 1, probability 0, space 0, times 0
[ 2625.604477] CPU: 0 PID: 29866 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2625.606190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2625.608168] Call Trace:
[ 2625.608797]  dump_stack+0x107/0x167
[ 2625.609673]  should_fail.cold+0x5/0xa
[ 2625.610464]  ? create_object.isra.0+0x3a/0xa30
[ 2625.611402]  should_failslab+0x5/0x20
[ 2625.612193]  kmem_cache_alloc+0x5b/0x310
[ 2625.613034]  create_object.isra.0+0x3a/0xa30
[ 2625.613943]  kmemleak_alloc_percpu+0xa0/0x100
[ 2625.614869]  pcpu_alloc+0x4e2/0x1240
[ 2625.615657]  ? io_async_queue_proc+0x80/0x80
[ 2625.616560]  percpu_ref_init+0x31/0x3d0
[ 2625.617378]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2625.618506]  io_uring_setup+0x14f6/0x2980
[ 2625.619371]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2625.620417]  ? wait_for_completion_io+0x270/0x270
[ 2625.621438]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2625.622530]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2625.623611]  do_syscall_64+0x33/0x40
[ 2625.624385]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2625.625452] RIP: 0033:0x7f44bdd8db19
[ 2625.626234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2625.630056] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2625.631641] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2625.633132] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2625.634613] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2625.636105] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2625.637575] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:15 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:15 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfQno=', @ANYRESHEX=r1])

17:43:15 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 53)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:15 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x0)

17:43:15 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 17)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:43:15 executing program 1:
delete_module(&(0x7f0000000140)='/dev/cdrom\x00', 0xa00)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
delete_module(&(0x7f0000000040)='%(\x00', 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRES32=r0, @ANYRES64=r0, @ANYRESHEX=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4008010}, 0x81)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r2, r1, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x100000001)

17:43:15 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2642.123145] FAULT_INJECTION: forcing a failure.
[ 2642.123145] name failslab, interval 1, probability 0, space 0, times 0
[ 2642.124949] CPU: 0 PID: 29886 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2642.125981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2642.127210] Call Trace:
[ 2642.127596]  dump_stack+0x107/0x167
[ 2642.128143]  should_fail.cold+0x5/0xa
[ 2642.128706]  ? create_object.isra.0+0x3a/0xa30
[ 2642.129382]  should_failslab+0x5/0x20
[ 2642.129946]  kmem_cache_alloc+0x5b/0x310
[ 2642.130550]  create_object.isra.0+0x3a/0xa30
[ 2642.131205]  kmemleak_alloc_percpu+0xa0/0x100
[ 2642.131875]  pcpu_alloc+0x4e2/0x1240
[ 2642.132445]  ? io_async_queue_proc+0x80/0x80
[ 2642.133092]  percpu_ref_init+0x31/0x3d0
[ 2642.133683]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2642.134485]  io_uring_setup+0x14f6/0x2980
[ 2642.135087]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2642.135833]  ? wait_for_completion_io+0x270/0x270
[ 2642.136561]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2642.137547]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2642.138315]  do_syscall_64+0x33/0x40
[ 2642.138882]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2642.139622] RIP: 0033:0x7f44bdd8db19
[ 2642.140175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2642.142848] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2642.143973] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2642.145002] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2642.146037] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2642.147078] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2642.148121] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2642.168403] 9pnet: Insufficient options for proto=fd
[ 2642.171480] FAULT_INJECTION: forcing a failure.
[ 2642.171480] name failslab, interval 1, probability 0, space 0, times 0
[ 2642.173331] CPU: 0 PID: 29875 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2642.174329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2642.175518] Call Trace:
[ 2642.175955]  dump_stack+0x107/0x167
[ 2642.176578]  should_fail.cold+0x5/0xa
[ 2642.177222]  ? xas_alloc+0x336/0x440
[ 2642.177848]  should_failslab+0x5/0x20
[ 2642.178484]  kmem_cache_alloc+0x5b/0x310
[ 2642.179079]  xas_alloc+0x336/0x440
[ 2642.179598]  xas_create+0x34a/0x10d0
[ 2642.180156]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2642.180913]  xas_store+0x8c/0x1c40
[ 2642.181439]  __xa_store+0x164/0x2d0
[ 2642.181967]  ? xa_delete_node+0x280/0x280
[ 2642.182571]  ? trace_hardirqs_on+0x5b/0x180
[ 2642.183192]  xa_store+0x31/0x50
[ 2642.183668]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2642.184365]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2642.185112]  ? alloc_fd+0x2e7/0x670
[ 2642.185642]  io_uring_setup+0x1fbb/0x2980
[ 2642.186247]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2642.186973]  ? wait_for_completion_io+0x270/0x270
[ 2642.187682]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2642.188440]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2642.189178]  do_syscall_64+0x33/0x40
[ 2642.189716]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2642.190456] RIP: 0033:0x7fea1df7ab19
[ 2642.190986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2642.193646] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2642.194744] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2642.195770] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2642.196794] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2642.197824] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2642.198853] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:31 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 54)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 18)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:43:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat(r2, &(0x7f0000000040)='./file1\x00', 0x5200, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r3, r2, 0x0)
copy_file_range(r0, &(0x7f0000000000)=0x672f, r3, 0x0, 0x4c5, 0x0)

17:43:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:31 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfRno=', @ANYRESHEX=r1])

17:43:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x0)

[ 2657.997947] FAULT_INJECTION: forcing a failure.
[ 2657.997947] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.000229] CPU: 0 PID: 30004 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2658.001518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.003070] Call Trace:
[ 2658.003586]  dump_stack+0x107/0x167
[ 2658.004282]  should_fail.cold+0x5/0xa
[ 2658.004996]  ? percpu_ref_init+0xd8/0x3d0
[ 2658.005778]  should_failslab+0x5/0x20
[ 2658.006497]  kmem_cache_alloc_trace+0x55/0x320
[ 2658.007373]  ? io_async_queue_proc+0x80/0x80
[ 2658.008212]  percpu_ref_init+0xd8/0x3d0
[ 2658.008971]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2658.009986]  io_uring_setup+0x14f6/0x2980
[ 2658.010960]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.011924]  ? wait_for_completion_io+0x270/0x270
[ 2658.012856]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.013832]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.014828]  do_syscall_64+0x33/0x40
[ 2658.015536]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.016512] RIP: 0033:0x7f44bdd8db19
[ 2658.017229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.020691] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.022094] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2658.023435] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2658.024769] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2658.026175] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2658.027609] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2658.053087] FAULT_INJECTION: forcing a failure.
[ 2658.053087] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.055357] CPU: 0 PID: 30005 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2658.056646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.058229] Call Trace:
[ 2658.058724]  dump_stack+0x107/0x167
[ 2658.059408]  should_fail.cold+0x5/0xa
[ 2658.060113]  ? create_object.isra.0+0x3a/0xa30
[ 2658.060955]  should_failslab+0x5/0x20
[ 2658.061658]  kmem_cache_alloc+0x5b/0x310
[ 2658.062401]  ? mark_held_locks+0x9e/0xe0
[ 2658.063150]  create_object.isra.0+0x3a/0xa30
[ 2658.064126]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.065066]  kmem_cache_alloc+0x159/0x310
[ 2658.065983]  xas_alloc+0x336/0x440
[ 2658.066651]  xas_create+0x34a/0x10d0
[ 2658.067486]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2658.068653]  xas_store+0x8c/0x1c40
[ 2658.069453]  __xa_store+0x164/0x2d0
[ 2658.070256]  ? xa_delete_node+0x280/0x280
[ 2658.071036]  ? trace_hardirqs_on+0x5b/0x180
[ 2658.072016]  xa_store+0x31/0x50
[ 2658.072633]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2658.073685]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2658.074633]  ? alloc_fd+0x2e7/0x670
[ 2658.075442]  io_uring_setup+0x1fbb/0x2980
[ 2658.076235]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.077336]  ? wait_for_completion_io+0x270/0x270
[ 2658.078423]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.079574]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.080572]  do_syscall_64+0x33/0x40
[ 2658.081247]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.082203] RIP: 0033:0x7fea1df7ab19
[ 2658.082888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.086177] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.087545] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2658.088830] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2658.090111] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2658.091392] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2658.092688] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2658.113163] 9pnet: Insufficient options for proto=fd
17:43:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 1)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:31 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2658.270413] FAULT_INJECTION: forcing a failure.
[ 2658.270413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2658.272382] CPU: 0 PID: 30079 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2658.273502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.274843] Call Trace:
[ 2658.275283]  dump_stack+0x107/0x167
[ 2658.275871]  should_fail.cold+0x5/0xa
[ 2658.276510]  _copy_from_user+0x2e/0x1b0
[ 2658.277154]  io_uring_setup+0x9b/0x2980
[ 2658.277807]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.278595]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.279412]  ? wait_for_completion_io+0x270/0x270
[ 2658.280205]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2658.280950]  ? vfs_write+0x354/0xb10
[ 2658.281666]  ? fput_many+0x2f/0x1a0
[ 2658.282256]  ? ksys_write+0x1a9/0x260
[ 2658.282998]  ? __ia32_sys_read+0xb0/0xb0
[ 2658.283660]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.284672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.285661]  do_syscall_64+0x33/0x40
[ 2658.286364]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.287346] RIP: 0033:0x7f7f12293b19
[ 2658.288056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.291567] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.292826] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2658.293972] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2658.295111] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2658.296242] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2658.297367] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 55)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 19)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:43:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 2)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2658.401686] FAULT_INJECTION: forcing a failure.
[ 2658.401686] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.403421] CPU: 0 PID: 30130 Comm: syz-executor.3 Not tainted 5.10.255 #1
17:43:31 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfSno=', @ANYRESHEX=r1])

[ 2658.404422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.405750] Call Trace:
[ 2658.406128]  dump_stack+0x107/0x167
[ 2658.406649]  should_fail.cold+0x5/0xa
[ 2658.407191]  ? create_object.isra.0+0x3a/0xa30
[ 2658.407838]  should_failslab+0x5/0x20
[ 2658.408390]  kmem_cache_alloc+0x5b/0x310
[ 2658.408971]  create_object.isra.0+0x3a/0xa30
[ 2658.409604]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.410322]  kmem_cache_alloc_trace+0x151/0x320
[ 2658.410974]  ? io_async_queue_proc+0x80/0x80
[ 2658.411603]  percpu_ref_init+0xd8/0x3d0
[ 2658.412181]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2658.412940]  io_uring_setup+0x14f6/0x2980
[ 2658.413532]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.414245]  ? wait_for_completion_io+0x270/0x270
[ 2658.414946]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.415681]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.416419]  do_syscall_64+0x33/0x40
[ 2658.416943]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.417663] RIP: 0033:0x7f44bdd8db19
[ 2658.418194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.419921] FAULT_INJECTION: forcing a failure.
[ 2658.419921] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.420775] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.420792] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2658.420800] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2658.420807] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2658.420815] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2658.420823] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2658.434978] CPU: 1 PID: 30131 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2658.436562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.438462] Call Trace:
[ 2658.439073]  dump_stack+0x107/0x167
[ 2658.439932]  should_fail.cold+0x5/0xa
[ 2658.440812]  ? xas_alloc+0x336/0x440
[ 2658.441668]  should_failslab+0x5/0x20
[ 2658.442543]  kmem_cache_alloc+0x5b/0x310
[ 2658.443485]  xas_alloc+0x336/0x440
[ 2658.444334]  xas_create+0x34a/0x10d0
[ 2658.445204]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2658.446411]  xas_store+0x8c/0x1c40
[ 2658.447243]  __xa_store+0x164/0x2d0
[ 2658.448121]  ? xa_delete_node+0x280/0x280
[ 2658.449361]  ? trace_hardirqs_on+0x5b/0x180
[ 2658.450697]  xa_store+0x31/0x50
[ 2658.451793]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2658.453276]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2658.454799]  ? alloc_fd+0x2e7/0x670
[ 2658.455953]  io_uring_setup+0x1fbb/0x2980
[ 2658.457278]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.458731]  ? wait_for_completion_io+0x270/0x270
[ 2658.459929]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.461404]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.462913]  do_syscall_64+0x33/0x40
[ 2658.463823]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.465022] RIP: 0033:0x7fea1df7ab19
[ 2658.466059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.470221] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.471952] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2658.473565] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2658.475185] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2658.476836] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2658.478449] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x0, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2658.504373] 9pnet: Insufficient options for proto=fd
17:43:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000100)="3f2082cabc9f8f89c052303d718a07d88ef29abe3c920dcc81dc8ab6ff602478334e8263479a10f5bf1fb190b08ecd8befb8")
signalfd(r3, &(0x7f00000000c0)={[0x59]}, 0x8)
dup3(r3, r2, 0x0)
copy_file_range(r1, &(0x7f0000000000)=0x5, r2, &(0x7f0000000040)=0x6, 0x4, 0x0)

[ 2658.517329] FAULT_INJECTION: forcing a failure.
[ 2658.517329] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.518893] CPU: 0 PID: 30138 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2658.519801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.520895] Call Trace:
[ 2658.521248]  dump_stack+0x107/0x167
[ 2658.521732]  should_fail.cold+0x5/0xa
[ 2658.522234]  ? io_uring_setup+0x258/0x2980
[ 2658.522793]  should_failslab+0x5/0x20
[ 2658.523293]  kmem_cache_alloc_trace+0x55/0x320
[ 2658.523907]  io_uring_setup+0x258/0x2980
[ 2658.524443]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.525093]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.525751]  ? wait_for_completion_io+0x270/0x270
[ 2658.526408]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.527090]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.527786]  do_syscall_64+0x33/0x40
[ 2658.528290]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.528968] RIP: 0033:0x7f7f12293b19
[ 2658.529453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.531864] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.532873] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2658.533806] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2658.534738] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2658.535661] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2658.536603] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:31 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:31 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:31 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 56)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:31 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2658.697197] FAULT_INJECTION: forcing a failure.
[ 2658.697197] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.698865] CPU: 0 PID: 30254 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2658.699661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.700741] Call Trace:
[ 2658.701053]  dump_stack+0x107/0x167
[ 2658.701482]  should_fail.cold+0x5/0xa
[ 2658.701922]  ? ___slab_alloc+0x360/0x700
[ 2658.702389]  ? create_object.isra.0+0x3a/0xa30
[ 2658.702916]  should_failslab+0x5/0x20
[ 2658.703355]  kmem_cache_alloc+0x5b/0x310
[ 2658.703828]  create_object.isra.0+0x3a/0xa30
[ 2658.704343]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.704933]  kmem_cache_alloc+0x159/0x310
[ 2658.705417]  xas_alloc+0x336/0x440
[ 2658.705831]  xas_create+0x34a/0x10d0
[ 2658.706268]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2658.706874]  xas_store+0x8c/0x1c40
[ 2658.707305]  __xa_store+0x164/0x2d0
[ 2658.707726]  ? xa_delete_node+0x280/0x280
[ 2658.708216]  ? trace_hardirqs_on+0x5b/0x180
[ 2658.708720]  xa_store+0x31/0x50
[ 2658.709105]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2658.709661]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2658.710259]  ? alloc_fd+0x2e7/0x670
[ 2658.710688]  io_uring_setup+0x1fbb/0x2980
[ 2658.711170]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2658.711748]  ? wait_for_completion_io+0x270/0x270
[ 2658.712325]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.712925]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.713517]  do_syscall_64+0x33/0x40
[ 2658.713948]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.714535] RIP: 0033:0x7fea1df7ab19
[ 2658.714966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.717072] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2658.717949] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2658.718765] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2658.719572] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2658.720391] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2658.721198] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:43:32 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfTno=', @ANYRESHEX=r1])

[ 2658.753956] 9pnet: Insufficient options for proto=fd
17:43:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 20)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2673.865078] FAULT_INJECTION: forcing a failure.
[ 2673.865078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2673.866867] CPU: 0 PID: 30374 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2673.868057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2673.869212] Call Trace:
[ 2673.869584]  dump_stack+0x107/0x167
[ 2673.870100]  should_fail.cold+0x5/0xa
[ 2673.870649]  _copy_to_user+0x2e/0x180
[ 2673.871195]  io_uring_setup+0x11b5/0x2980
[ 2673.871792]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2673.872499]  ? wait_for_completion_io+0x270/0x270
[ 2673.873191]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2673.873929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2673.874641]  do_syscall_64+0x33/0x40
[ 2673.875155]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2673.875865] RIP: 0033:0x7f44bdd8db19
[ 2673.876387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
17:43:47 executing program 1:
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000002c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x68001, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x3, 0x0)
r2 = openat(r1, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x109902, 0x0)
mkdirat(r3, &(0x7f0000000100)='./file1\x00', 0x10)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r6 = dup3(r5, r4, 0x0)
ioctl$CDROMMULTISESSION(r6, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
openat(r6, &(0x7f0000000040)='./file1\x00', 0x2040, 0x20)
sendfile(r0, r2, 0x0, 0x100000001)

17:43:47 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 57)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:47 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:47 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:43:47 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:47 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 3)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:43:47 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfVno=', @ANYRESHEX=r1])

[ 2673.878947] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2673.878963] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2673.878971] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2673.878979] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2673.878987] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2673.878995] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2673.895240] FAULT_INJECTION: forcing a failure.
[ 2673.895240] name failslab, interval 1, probability 0, space 0, times 0
[ 2673.895255] CPU: 0 PID: 30373 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2673.895263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2673.895267] Call Trace:
[ 2673.895284]  dump_stack+0x107/0x167
[ 2673.895299]  should_fail.cold+0x5/0xa
[ 2673.895314]  ? xas_alloc+0x336/0x440
17:43:47 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2673.895328]  should_failslab+0x5/0x20
17:43:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 21)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:43:47 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 58)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:43:47 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 4)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2673.895341]  kmem_cache_alloc+0x5b/0x310
[ 2673.895360]  xas_alloc+0x336/0x440
[ 2673.895376]  xas_create+0x34a/0x10d0
[ 2673.895403]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2673.895419]  xas_store+0x8c/0x1c40
[ 2673.895449]  __xa_store+0x164/0x2d0
[ 2673.895464]  ? xa_delete_node+0x280/0x280
[ 2673.895485]  ? trace_hardirqs_on+0x5b/0x180
[ 2673.895505]  xa_store+0x31/0x50
[ 2673.895520]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2673.895535]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2673.895547]  ? alloc_fd+0x2e7/0x670
[ 2673.895571]  io_uring_setup+0x1fbb/0x2980
[ 2673.895592]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2673.895603]  ? wait_for_completion_io+0x270/0x270
[ 2673.895636]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2673.895650]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2673.895667]  do_syscall_64+0x33/0x40
[ 2673.895680]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2673.895688] RIP: 0033:0x7fea1df7ab19
[ 2673.895701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2673.895708] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2673.895722] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2673.895730] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2673.895737] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2673.895744] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2673.895752] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2673.913259] 9pnet: Insufficient options for proto=fd
[ 2673.917483] FAULT_INJECTION: forcing a failure.
[ 2673.917483] name failslab, interval 1, probability 0, space 0, times 0
[ 2673.917496] CPU: 0 PID: 30376 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2673.917503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2673.917507] Call Trace:
[ 2673.917521]  dump_stack+0x107/0x167
[ 2673.917541]  should_fail.cold+0x5/0xa
[ 2673.917556]  ? create_object.isra.0+0x3a/0xa30
[ 2673.917572]  should_failslab+0x5/0x20
[ 2673.917589]  kmem_cache_alloc+0x5b/0x310
[ 2673.917608]  create_object.isra.0+0x3a/0xa30
[ 2673.917619]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2673.917637]  kmem_cache_alloc_trace+0x151/0x320
[ 2673.917655]  io_uring_setup+0x258/0x2980
[ 2673.917669]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2673.917685]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2673.917695]  ? wait_for_completion_io+0x270/0x270
[ 2673.917726]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2673.917739]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2673.917755]  do_syscall_64+0x33/0x40
[ 2673.917768]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2673.917776] RIP: 0033:0x7f7f12293b19
[ 2673.917788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2673.917794] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2673.917807] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2673.917815] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2673.917822] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2673.917829] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2673.917837] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2674.041704] FAULT_INJECTION: forcing a failure.
[ 2674.041704] name failslab, interval 1, probability 0, space 0, times 0
[ 2674.041719] CPU: 0 PID: 30486 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2674.041726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2674.041730] Call Trace:
[ 2674.041748]  dump_stack+0x107/0x167
[ 2674.041763]  should_fail.cold+0x5/0xa
[ 2674.041778]  ? __d_alloc+0x2a/0x990
[ 2674.041791]  should_failslab+0x5/0x20
[ 2674.041803]  kmem_cache_alloc+0x5b/0x310
[ 2674.041820]  __d_alloc+0x2a/0x990
[ 2674.041832]  ? find_held_lock+0x2c/0x110
[ 2674.041847]  d_alloc_pseudo+0x19/0x70
[ 2674.041859]  alloc_file_pseudo+0xce/0x250
[ 2674.041870]  ? trace_hardirqs_on+0x5b/0x180
[ 2674.041880]  ? alloc_file+0x5a0/0x5a0
[ 2674.041905]  anon_inode_getfile+0xc8/0x1f0
[ 2674.041923]  io_uring_setup+0x138b/0x2980
[ 2674.041941]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2674.041953]  ? wait_for_completion_io+0x270/0x270
[ 2674.041982]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2674.041996]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2674.042011]  do_syscall_64+0x33/0x40
[ 2674.042023]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2674.042031] RIP: 0033:0x7f44bdd8db19
[ 2674.042043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2674.042049] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2674.042062] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2674.042070] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2674.042077] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2674.042084] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2674.042091] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2674.076243] FAULT_INJECTION: forcing a failure.
[ 2674.076243] name failslab, interval 1, probability 0, space 0, times 0
[ 2674.076257] CPU: 0 PID: 30485 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2674.076264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2674.076268] Call Trace:
[ 2674.076284]  dump_stack+0x107/0x167
[ 2674.076299]  should_fail.cold+0x5/0xa
[ 2674.076314]  ? create_object.isra.0+0x3a/0xa30
[ 2674.076326]  should_failslab+0x5/0x20
[ 2674.076338]  kmem_cache_alloc+0x5b/0x310
[ 2674.076351]  ? mark_held_locks+0x9e/0xe0
[ 2674.076367]  create_object.isra.0+0x3a/0xa30
[ 2674.076377]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2674.076394]  kmem_cache_alloc+0x159/0x310
[ 2674.076412]  xas_alloc+0x336/0x440
[ 2674.076427]  xas_create+0x34a/0x10d0
[ 2674.076449]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2674.076464]  xas_store+0x8c/0x1c40
[ 2674.076488]  __xa_store+0x164/0x2d0
[ 2674.076502]  ? xa_delete_node+0x280/0x280
[ 2674.076521]  ? trace_hardirqs_on+0x5b/0x180
[ 2674.076544]  xa_store+0x31/0x50
[ 2674.076558]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2674.076571]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2674.076582]  ? alloc_fd+0x2e7/0x670
[ 2674.076604]  io_uring_setup+0x1fbb/0x2980
[ 2674.076623]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2674.076633]  ? wait_for_completion_io+0x270/0x270
[ 2674.076663]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2674.076676]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2674.076691]  do_syscall_64+0x33/0x40
[ 2674.076703]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2674.076711] RIP: 0033:0x7fea1df7ab19
[ 2674.076722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2674.076729] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2674.076742] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2674.076749] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2674.076756] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2674.076763] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2674.076769] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2674.082437] FAULT_INJECTION: forcing a failure.
[ 2674.082437] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2674.082449] CPU: 0 PID: 30489 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2674.082456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2674.082459] Call Trace:
[ 2674.082472]  dump_stack+0x107/0x167
[ 2674.082486]  should_fail.cold+0x5/0xa
[ 2674.082502]  __alloc_pages_nodemask+0x182/0x600
[ 2674.082518]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2674.082542]  ? lock_downgrade+0x6d0/0x6d0
[ 2674.082561]  alloc_pages_current+0x187/0x280
[ 2674.082574]  kmalloc_order+0x35/0x160
[ 2674.082588]  kmalloc_order_trace+0x14/0xa0
[ 2674.082602]  io_uring_setup+0x33c/0x2980
[ 2674.082615]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2674.082630]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2674.082641]  ? wait_for_completion_io+0x270/0x270
[ 2674.082669]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2674.082682]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2674.082697]  do_syscall_64+0x33/0x40
[ 2674.082709]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2674.082717] RIP: 0033:0x7f7f12293b19
[ 2674.082728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2674.082735] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2674.082747] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2674.082754] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2674.082761] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2674.082768] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2674.082776] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:04 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfbno=', @ANYRESHEX=r1])

17:44:04 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:04 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x0, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:04 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 59)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:44:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 22)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:44:04 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 5)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:04 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = inotify_init()
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f00000002c0)={{0x7, 0x1}, 0x100, './file1\x00'})
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
syz_io_uring_setup(0x7ad0, &(0x7f0000000480)={0x0, 0x4ace, 0x10, 0x2, 0x1f1, 0x0, r0}, &(0x7f0000142000/0x3000)=nil, &(0x7f00003b9000/0x1000)=nil, &(0x7f0000000500), &(0x7f0000000540)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000005c0)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x1, &(0x7f0000000580)={0x77359400}, 0x1, 0x1}, 0x5)
sendfile(r0, r2, 0x0, 0x100000001)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={<r4=>r0, 0x5, 0x5, 0x7f})
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r0)
r5 = syz_open_dev$mouse(&(0x7f0000000040), 0x5, 0x80)
r6 = perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x43c003, 0x0)
r8 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r8, 0x0)
vmsplice(r8, &(0x7f0000001140)=[{0x0}], 0x1, 0x0)
r9 = openat(r8, &(0x7f00000000c0)='./file1/file0\x00', 0x2a3003, 0x108)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r9, 0xc0502100, &(0x7f0000000140)={<r10=>0x0})
r11 = perf_event_open$cgroup(&(0x7f00000001c0)={0x1, 0x80, 0x8, 0x81, 0x40, 0x6, 0x0, 0x1, 0x18034, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_config_ext={0x1000, 0x10001}, 0x8020, 0x7, 0x6, 0x1, 0x6, 0x3, 0x4000, 0x0, 0x6, 0x0, 0xffffffffffffaa38}, r7, 0x2, r6, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r9, 0x40182103, &(0x7f0000000240)={r10, 0x1, r11, 0xea8})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f00000000c0)={r10, 0x0, r0, 0x4000, 0x80000})

[ 2691.204936] 9pnet: Insufficient options for proto=fd
[ 2691.246329] FAULT_INJECTION: forcing a failure.
[ 2691.246329] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.249162] CPU: 0 PID: 30522 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2691.250833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.252847] Call Trace:
[ 2691.253490]  dump_stack+0x107/0x167
[ 2691.254379]  should_fail.cold+0x5/0xa
[ 2691.255304]  ? create_object.isra.0+0x3a/0xa30
[ 2691.256427]  should_failslab+0x5/0x20
[ 2691.257358]  kmem_cache_alloc+0x5b/0x310
[ 2691.258352]  create_object.isra.0+0x3a/0xa30
[ 2691.259417]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2691.260666]  kmem_cache_alloc+0x159/0x310
[ 2691.261698]  __d_alloc+0x2a/0x990
[ 2691.262538]  ? find_held_lock+0x2c/0x110
[ 2691.263402]  d_alloc_pseudo+0x19/0x70
[ 2691.264222]  alloc_file_pseudo+0xce/0x250
[ 2691.265098]  ? trace_hardirqs_on+0x5b/0x180
[ 2691.266015]  ? alloc_file+0x5a0/0x5a0
[ 2691.266848]  anon_inode_getfile+0xc8/0x1f0
[ 2691.267756]  io_uring_setup+0x138b/0x2980
[ 2691.268659]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.269736]  ? wait_for_completion_io+0x270/0x270
[ 2691.270787]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.271915]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.273025]  do_syscall_64+0x33/0x40
[ 2691.273862]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.275083] RIP: 0033:0x7f44bdd8db19
[ 2691.275878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.279788] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.281410] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2691.282924] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2691.284446] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2691.285963] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2691.287477] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2691.299433] FAULT_INJECTION: forcing a failure.
[ 2691.299433] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.301867] CPU: 0 PID: 30521 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2691.303589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.305628] Call Trace:
[ 2691.306274]  dump_stack+0x107/0x167
[ 2691.307167]  should_fail.cold+0x5/0xa
[ 2691.308107]  ? create_object.isra.0+0x3a/0xa30
[ 2691.309232]  should_failslab+0x5/0x20
[ 2691.310173]  kmem_cache_alloc+0x5b/0x310
[ 2691.311176]  create_object.isra.0+0x3a/0xa30
[ 2691.312260]  ? kasan_unpoison_shadow+0x33/0x50
[ 2691.313376]  kmalloc_order+0xfe/0x160
[ 2691.314326]  kmalloc_order_trace+0x14/0xa0
[ 2691.315357]  io_uring_setup+0x33c/0x2980
[ 2691.316367]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2691.317548]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.318792]  ? wait_for_completion_io+0x270/0x270
[ 2691.320009]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.321304]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.322571]  do_syscall_64+0x33/0x40
[ 2691.323499]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.324768] RIP: 0033:0x7f7f12293b19
[ 2691.325676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.330166] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.332018] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2691.333746] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2691.335467] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2691.337202] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2691.338926] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:04 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:04 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2691.359209] FAULT_INJECTION: forcing a failure.
[ 2691.359209] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.362086] CPU: 0 PID: 30529 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2691.363737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.365745] Call Trace:
[ 2691.366388]  dump_stack+0x107/0x167
[ 2691.367276]  should_fail.cold+0x5/0xa
[ 2691.368225]  ? xas_alloc+0x336/0x440
[ 2691.369124]  should_failslab+0x5/0x20
[ 2691.370131]  kmem_cache_alloc+0x5b/0x310
[ 2691.371118]  xas_alloc+0x336/0x440
[ 2691.371982]  xas_create+0x34a/0x10d0
[ 2691.372906]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2691.374152]  xas_store+0x8c/0x1c40
17:44:04 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfgno=', @ANYRESHEX=r1])

[ 2691.375020]  __xa_store+0x164/0x2d0
[ 2691.376030]  ? xa_delete_node+0x280/0x280
[ 2691.377045]  ? trace_hardirqs_on+0x5b/0x180
[ 2691.378080]  xa_store+0x31/0x50
[ 2691.378867]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2691.380013]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2691.381254]  ? alloc_fd+0x2e7/0x670
[ 2691.382132]  io_uring_setup+0x1fbb/0x2980
[ 2691.383128]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.384340]  ? wait_for_completion_io+0x270/0x270
[ 2691.385520]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.386762]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.387989]  do_syscall_64+0x33/0x40
[ 2691.388881]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.390097] RIP: 0033:0x7fea1df7ab19
[ 2691.390982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.395349] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.397154] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2691.398832] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2691.400529] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2691.402206] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2691.403874] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:04 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 6)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 23)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:44:04 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 60)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2691.513250] 9pnet: Insufficient options for proto=fd
17:44:04 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:04 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2691.590255] FAULT_INJECTION: forcing a failure.
[ 2691.590255] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.591695] CPU: 1 PID: 30699 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2691.592752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.593769] Call Trace:
[ 2691.594126]  dump_stack+0x107/0x167
[ 2691.594680]  should_fail.cold+0x5/0xa
[ 2691.595151]  ? io_uring_setup+0x40b/0x2980
[ 2691.595776]  should_failslab+0x5/0x20
[ 2691.596424]  kmem_cache_alloc_trace+0x55/0x320
[ 2691.596995]  io_uring_setup+0x40b/0x2980
[ 2691.597501]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2691.598101]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.598869]  ? wait_for_completion_io+0x270/0x270
[ 2691.599480]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.600129]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.600876]  do_syscall_64+0x33/0x40
[ 2691.601389]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.602230] RIP: 0033:0x7f7f12293b19
[ 2691.602728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.605027] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.605961] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2691.606996] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2691.608047] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2691.608924] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2691.609788] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2691.613861] FAULT_INJECTION: forcing a failure.
[ 2691.613861] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.615300] CPU: 1 PID: 30701 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2691.616252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.617512] Call Trace:
[ 2691.617910]  dump_stack+0x107/0x167
[ 2691.618359]  should_fail.cold+0x5/0xa
[ 2691.618824]  ? __alloc_file+0x21/0x320
[ 2691.619395]  should_failslab+0x5/0x20
[ 2691.619897]  kmem_cache_alloc+0x5b/0x310
[ 2691.620402]  __alloc_file+0x21/0x320
[ 2691.620855]  alloc_empty_file+0x6d/0x170
[ 2691.621345]  alloc_file+0x5e/0x5a0
[ 2691.621779]  alloc_file_pseudo+0x16a/0x250
[ 2691.622290]  ? alloc_file+0x5a0/0x5a0
[ 2691.622799]  anon_inode_getfile+0xc8/0x1f0
[ 2691.623458]  io_uring_setup+0x138b/0x2980
[ 2691.624013]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.624779]  ? wait_for_completion_io+0x270/0x270
[ 2691.625491]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.626268]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.626899]  do_syscall_64+0x33/0x40
[ 2691.627392]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.628100] RIP: 0033:0x7f44bdd8db19
[ 2691.628602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.631256] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.632282] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2691.633321] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2691.634336] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2691.635416] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2691.636558] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2691.673718] FAULT_INJECTION: forcing a failure.
[ 2691.673718] name failslab, interval 1, probability 0, space 0, times 0
[ 2691.675124] CPU: 1 PID: 30713 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2691.675943] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2691.676932] Call Trace:
[ 2691.677250]  dump_stack+0x107/0x167
[ 2691.677683]  should_fail.cold+0x5/0xa
[ 2691.678135]  ? create_object.isra.0+0x3a/0xa30
[ 2691.678674]  should_failslab+0x5/0x20
[ 2691.679125]  kmem_cache_alloc+0x5b/0x310
[ 2691.679606]  ? mark_held_locks+0x9e/0xe0
[ 2691.680091]  create_object.isra.0+0x3a/0xa30
[ 2691.680671]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2691.681325]  kmem_cache_alloc+0x159/0x310
[ 2691.681826]  xas_alloc+0x336/0x440
[ 2691.682250]  xas_create+0x34a/0x10d0
[ 2691.682695]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2691.683317]  xas_store+0x8c/0x1c40
[ 2691.683748]  __xa_store+0x164/0x2d0
[ 2691.684179]  ? xa_delete_node+0x280/0x280
[ 2691.684682]  ? trace_hardirqs_on+0x5b/0x180
[ 2691.685197]  xa_store+0x31/0x50
[ 2691.685588]  __io_uring_add_tctx_node+0x1cf/0x520
[ 2691.686155]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2691.686770]  ? alloc_fd+0x2e7/0x670
[ 2691.687206]  io_uring_setup+0x1fbb/0x2980
[ 2691.687703]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2691.688305]  ? wait_for_completion_io+0x270/0x270
[ 2691.688884]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2691.689498]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2691.690103]  do_syscall_64+0x33/0x40
[ 2691.690538]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2691.691137] RIP: 0033:0x7fea1df7ab19
[ 2691.691576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2691.693730] RSP: 002b:00007fea1b4f0108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2691.694620] RAX: ffffffffffffffda RBX: 00007fea1e08df60 RCX: 00007fea1df7ab19
[ 2691.695455] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2691.696294] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2691.697125] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2691.697954] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:21 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 61)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:44:21 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:21 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:21 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 7)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:21 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfqno=', @ANYRESHEX=r1])

17:44:21 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:21 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 24)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:44:21 executing program 1:
syz_genetlink_get_family_id$gtp(&(0x7f0000000380), 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x4000, @fd=r1, 0x7f, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/211, 0xd3}, {&(0x7f0000000000)=""/36, 0x24}], 0x2, 0x1b, 0x1}, 0x9)
[ 2707.784455] FAULT_INJECTION: forcing a failure.
[ 2707.784455] name failslab, interval 1, probability 0, space 0, times 0
[ 2707.786405] CPU: 0 PID: 30753 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2707.787558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2707.788950] Call Trace:
[ 2707.789395]  dump_stack+0x107/0x167
[ 2707.789836] FAULT_INJECTION: forcing a failure.
[ 2707.789836] name failslab, interval 1, probability 0, space 0, times 0
[ 2707.790020]  should_fail.cold+0x5/0xa
[ 2707.793011]  ? __alloc_file+0x21/0x320
[ 2707.793686]  should_failslab+0x5/0x20
[ 2707.794316]  kmem_cache_alloc+0x5b/0x310
[ 2707.795005]  __alloc_file+0x21/0x320
[ 2707.795624]  alloc_empty_file+0x6d/0x170
[ 2707.796309]  alloc_file+0x5e/0x5a0
[ 2707.796908]  alloc_file_pseudo+0x16a/0x250
[ 2707.797607]  ? alloc_file+0x5a0/0x5a0
[ 2707.798257]  anon_inode_getfile+0xc8/0x1f0
[ 2707.798966]  io_uring_setup+0x138b/0x2980
[ 2707.799665]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2707.800512]  ? wait_for_completion_io+0x270/0x270
[ 2707.801335]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2707.802203]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2707.803065]  do_syscall_64+0x33/0x40
[ 2707.803696]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2707.804573] RIP: 0033:0x7f44bdd8db19
[ 2707.805203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2707.808247] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2707.809507] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2707.810702] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2707.811877] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2707.813052] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2707.814212] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2707.815435] CPU: 1 PID: 30748 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2707.817027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2707.818769] Call Trace:
[ 2707.819354]  dump_stack+0x107/0x167
[ 2707.820127]  should_fail.cold+0x5/0xa
[ 2707.820939]  ? create_object.isra.0+0x3a/0xa30
[ 2707.821896]  should_failslab+0x5/0x20
[ 2707.822706]  kmem_cache_alloc+0x5b/0x310
[ 2707.823566]  create_object.isra.0+0x3a/0xa30
[ 2707.824500]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2707.825566]  kmem_cache_alloc_trace+0x151/0x320
[ 2707.826577]  io_uring_setup+0x40b/0x2980
[ 2707.827444]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2707.828496]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2707.829544]  ? wait_for_completion_io+0x270/0x270
[ 2707.830580]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2707.831683]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2707.832769]  do_syscall_64+0x33/0x40
[ 2707.833565]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2707.834639] RIP: 0033:0x7f7f12293b19
[ 2707.835422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2707.839940] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2707.841933] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2707.843743] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2707.845379] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2707.846892] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2707.848392] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2707.863143] 9pnet: Insufficient options for proto=fd
[ 2707.863721] FAULT_INJECTION: forcing a failure.
[ 2707.863721] name failslab, interval 1, probability 0, space 0, times 0
[ 2707.867000] CPU: 1 PID: 30745 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2707.868665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2707.870393] Call Trace:
[ 2707.870966]  dump_stack+0x107/0x167
[ 2707.871744]  should_fail.cold+0x5/0xa
[ 2707.872565]  ? vm_area_dup+0x78/0x290
[ 2707.873371]  should_failslab+0x5/0x20
[ 2707.874181]  kmem_cache_alloc+0x5b/0x310
[ 2707.875063]  vm_area_dup+0x78/0x290
[ 2707.875847]  ? lock_release+0x680/0x680
[ 2707.876697]  ? mark_lock+0xf5/0x2df0
[ 2707.877486]  ? mark_lock+0xf5/0x2df0
[ 2707.878282]  ? lock_chain_count+0x20/0x20
[ 2707.879160]  ? mark_lock+0xf5/0x2df0
[ 2707.879945]  ? lock_chain_count+0x20/0x20
[ 2707.880823]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2707.881895]  ? lock_chain_count+0x20/0x20
[ 2707.882770]  ? mark_lock+0xf5/0x2df0
[ 2707.883550]  ? vm_area_alloc+0x110/0x110
[ 2707.884417]  ? __lock_acquire+0x1657/0x5b00
[ 2707.885331]  ? mark_held_locks+0x9e/0xe0
[ 2707.886194]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2707.887292]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2707.888394]  ? trace_hardirqs_on+0x5b/0x180
[ 2707.889313]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2707.890455]  ? vmacache_find+0x55/0x2a0
[ 2707.891298]  __split_vma+0xa8/0x4e0
[ 2707.892045]  __do_munmap+0x365/0x1260
[ 2707.892858]  ? arch_get_unmapped_area+0x450/0x450
[ 2707.893849]  ? lock_release+0x680/0x680
[ 2707.894661]  mmap_region+0x7cc/0x1500
[ 2707.895463]  do_mmap+0x868/0x1370
[ 2707.896192]  vm_mmap_pgoff+0x198/0x1f0
[ 2707.896999]  ? randomize_page+0xb0/0xb0
[ 2707.897827]  ksys_mmap_pgoff+0x41c/0x560
[ 2707.898668]  ? find_mergeable_anon_vma+0x250/0x250
[ 2707.899684]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2707.900771]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2707.901833]  do_syscall_64+0x33/0x40
[ 2707.902600]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2707.903643] RIP: 0033:0x7fea1df7ab62
[ 2707.904407] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2707.908211] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2707.909795] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2707.911307] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2707.912824] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2707.914341] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2707.915842] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
sendmsg$inet(r0, &(0x7f0000003880)={&(0x7f0000000440)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000680)=[{&(0x7f0000000740)="e21647a130393a719d0fda5d3d056f8c73a33072d74e30e9c26b61588d2d6c3587282c78a63c46cf3398a93d04a70edc2c6af90a28fcfe87ae1cb3abcdd4cc0c397daf2b6cd854c1c342c99c56cbff74a2ece3f121ae5f5c11c193301d6840aabc0c849b2245374e65a29d44d41e4a33a775a45e47ca60c53d9f9e611947a82385fd28777e939c6449b5dc6f36fc9bec7db055bc9fcbb274d69eb0f64f2b3d81da220aaace49fe8708b853da7c9566516c82ed0ade3eb630ad048216036672298de103599e5c3060d22fd844b2d7ac2aa23f7c6893621fb74c3db004414b7c9a1b86d48d41862070244bc5cca466ae987cc52097d4bf497955c371f6f9a24f4d98c38d107da8d1e0d7973854eb18fe4187f87d9079b8ca8e34c6a5e198ad58fb32093d535fdd05106c6c263af4cf7608b424a00c4ee15c1049dd4f6b9b4bd28efd881187ecd952b7a1b8d625a3eaafaa91bebc32ff2b482d6e241704371d0ad64d17565ed37f2b699bf9d00b75bd557230716e1d760312dbe93475f38c912dd6d7cf4d206ace56526dfc42f1f601f366655ecc3d60927481a1c0b13cfb6f44b50084cc714880c5432a38d7223da6078b99897fe0792abf1390e2ee514f6791d1acc64780e6f21b046d0e13b623fc4027084bd10fcf5133f59472cb511999decbe90d95f7092ce3db018a7cc37012c21b653e46ec70de00587d8a409d2b32f24168701f06d44110e047186bb43d6519a0fc9c7328f8a7c2d3c5e4389a4b4a3c81b57be0170bf8e0aeb09af9c430832337fcdabf5325ce97e3905552c46bf866d23f27cf997be2e8cd8005f0933429c4269f1d380b7118e1ae850d7776aab74092c1d85fed6c3a9de53c48825409a7a97e797d892dad0369edd5fc525e39e1f3dc9a5de91459bdd2457493717a9b9b6e5a41d1d9761d6956056f20a710c6c20e2de4158a3816b45338c36b5c0807fae4e7a1e376ed1fa8ddd604be68f58a7d51c4971e24a126b07924b62e26c270999b394751258e4a46b758a40c702dfecb20c52530c250a26cb67caa71e1024db5855b7b3fca34c3bba0ba79b281cbeead939d3d6fe814366f660911d065bc3392845fc3557bfd448a72bee4ca2e6f1aaf8ea781fff61284280895039d29eb72f775dec032e473792ab02dec619e3b10ac1e3fbdd06700da463ebb2f5522f72b1990e2985fbea358c45b3d91f2fce93684765cea2d2db5b443f9b945be62638fa9f8c88a3f69d8a536c8d1ace12a1b0162a2db87b6d0e90bb214d55afb37462eb0e9a8013b6938f6b6cd1c22c3fe0dc56d2a6ce25358c54f6f20f7bd46464bfb756d9feba0488a645ee2c25dda6f942512d131fef7424a6d4a1179cfd5c9deb2e0ef8135053b9ba5388c62592b21b3549d70720895728f5da1982454e7fd662ff2318623f16e23e217ed583d5caddd71926a85e048b012b589ffcbf251d5be72f6382d26bd50623ff583f7ebff22b424c46430260bd661f05f8fdfccf881526b5ad796f2530fc563b71e9c08ceee438450c25eec562aee9f5d05b2b768240f4dd2c8837e04bdd8dfdb9ebc466ff24e291e5af853b76693e569a4a356fca73a4e4f2473f95e55255c7617be9e7e58adaecb2aae446a5675d186e4796ca5a65a9e25999eb64609f6b7a296a42badc0a23e948228cfd1d5e41adf844e22135633368994c9891a5fc9de301da50535bdf1023c072e784a8eb4c401441f0bdf2e793bce904aaf8825ef4ed638e675213303bfa6bd8ade1f1a9558787e00f6cba5bd4ec2f8b244e20b8ff8b3a60845fcf7c4293d1f159bad2a85d7364fb0c39964b4d856790b695735d0ba925f038a5b465f3cc3bad04b4b5f7712b819392511c2934ec0feac824b9921a7a7b733eb3d267f1d8c20fdc7b4a4b2311a34c90eead03cf809ac3e9db68aedaa40177f64383412bde07005f36619f34746e4b08cab2c25e0ae7d1e4eceb5ab1d5727896d856bc1eaddf7a673ef70d94e640c1a5cc769caa423aaebe129ded09f81b3d0da0ae0b706bd65566f1d47e43df65ec5f94da4ebbcce761b888e752ea9761d15411ffd8db8ade67ef6b7d0130dd7e9636367994c9afb04926ee12334ea8dd2f00135fb30dbdeaa1700807230a262ac92e2ad6862b3a94ebfc64857104c2695a0c3f4d86a2a782eda059ca85bff19ab644e8c47f33996dd0bb6e4378ee4baf9ac8a332e89c7a9887803aca2a31bcb0b2fd8533af9402c45efd587e605b09e1b726447c41630be320641f5dbf6c240cc0c1ae9a355724f1243ee36d787c91f727125bbc742ce628f8d864ec93f76a90c0ad039f7a609f60d97c344c958e9ca3dcfafaf5f51ea45dea329242fa50aad36f481eed7d71cc173e9fa82b5d4916d0114e94a0aee1b678197410b177d2da5336b38ff1a2e89cf41e35b2cf627bfdcb2a435ec9bce0916c7c9d3ee215b984e197311e8594cdcdc20dfdc4cdd2d8a249587e2bc154718c5a948fdc457f4bbce063f96a88f9a56757d615e0a7629d33807d73fa24fa6f636d21d909b2c72f0d074b7b41a280ef4be41b8f56466868b1dbfb09a0b7e4a2f41c555554598fc8f28da048cb9ac6a5857f33701289bf07953b281510c56f99ffdb6240eef1d3f7e2e9f113d090413d8297077e94d85d4aa6948110812adcd939165aef118bbafbe19cf350b89709f99486ef9e4bc1e83d2d6ac96661699336ac3c659e222bcdb10030463e17142ae11e9f161eec345d74dc2e02231a76ef5643cbe3a9e9e35e6eec6360ffeba8702f8c8a51f4dccf9c1be452598a46c12d70efad5344974203d6da38c3f4f62127c7c8635159889993fb2bfd787f97daa4329d38293cf4c252b91963ef14f4c87ba6ac3b08b71db94f6756e9fe149775f9657bbccec7fa6eeb32031fe0025e48d0b756d515aab06cad6e80de5b6d6b1a7e0bcda3c386fc577735d758022183358194534d43337787983896219db3987e98848026ff4b773593e5326e5942eb96e0aa2eebc7c6c6600696513cf620615742f8b0703761391a884ed55ce979e5005e764709c1c9229a79f6ab7c65a683a13374921c071a6875f394fde0585eaa010d960b0b39be0c9286c7a2b7568aba687736c44f03356caba081819cefb0bd5fde0457680ad717525fe0561385ccac5fc566587552b6e160c6f6bca50f5d29c131bcd1c91987913cc0908ab733befafb3fdc15b2a5e3ac82ea4ece9b45975d055c6059cbd7d168421b79993aa273c593aa321ec5af2968959c29ca9dad7e164a5e965989e271875ceae8fd3d633edc0b396223d372549cd6162240281f79e30fd84bddcba18844cf20298f2fd63df2d7a70deef7cd1f88e6d345290a1b083c9223ffec563ceff2e9c2d765afd25367e606540750b4d1899d8f039dacb837d2e2468edcdbff9da7a1734a1ac0669a21c9a35292ac5f2612b2636c844bb521315a46b8e3d58c19a4177d98d025f5791409ab0d716d4c28bfd08a69b193cb372b0b9609cddbbd980db9e6471612bd70eb8a39071aa2472c62c25e418d59744e53b65969ed4813ae88d9ade461760b60c6bd07edf937573bb35eedc0c0c0f54ad315dc4e6b3bd19217fa07b67cd0be600e4c6ba03c4d75b1b4b6b107dcfa3a8e1c45c326bc60ca7be8f4a1707c1417e44f33bb4e33acde89b39b23c511b122695ff3c301d5753cfaee30c1322fb897a754973275840708965aa788498d6e44caf67e8e5338f7aeead8d85e2a3f172eb28e25f79facab1e374eee1bd5f745b220ac48ad6d392cfb753e26fc0fe1e90a235240fe0422a052fbe52ee74aa22cf1e9cfa35e069fd5dfd6bdbaeb099e21ff5dafd9dec6efe320f34f480cbff72968e11004a3d9e939341288c666eb96a7c42c9e7df4467a053cf6a29608bba40f8c92713a007000ec6b79c6dcc8f9bde2f007ef972afb75f4627c147c7e9bc4b9d4a571c45302e922f563de3a269088275bbfa34a5ca08d6e614e3dc87b89436c917bbfdc40b30847148d1414a7171b52b6e6ede1ac2bac1f27abecaffb6e157b7141a580f09d074d347fb6742bae7c55702d548fcfe8c48b68d98dd88f9fdd654ff4bcb0f79c315bd860e8661111843fe20a6ea0a09d18e821177064f228c7dc9544fcecbc51299f2ca58439c719035a848e3be5bad130bb71984b44493c37f162fd233a9ccbdfc43897bb1548666a785af4c176b14d0e6cf568cd81000413a93a3befc3c9bb2d2cc313ed121f626fd98cd0d71668bb2aae0abda007da04984eef971ed4fcd1127992e4a815d0137c0a99be5c248c931c60128e2c2a495d457314215226400ec0f21e069392154ec1ca32f8bf1cd1c460354bb5345893d834535e86cb49541a7c4af67f08140f91abf0dd7d05e8e36b655f73875f625624708f911a9d474b9963bfbda0858a945ce420ec380ead6ee9d46e88e7dea444fc7f7190433330de2b24961d70d3858f0c709bc55e31185133d9b70d9d27a96dfe1bbece0e4031c76d0de3640a0c21d57e4cefc0e488b82af00e0818d030a7fee8da35b3d4820ee790466da66fd91c8678f4cf98b78465a010c2d86a833f435ed5d4bf4351634fc9fa34bd47ce311bbb3f2b326bb851e76376664b5411f1f8e806b811fa39297483a1d8261348e4ac17bbeda26241e80ce92f81656578038f5082307df45951aa2b2c68fc46c0391733d77f34c0c3fb30ed3fe1e1f56d5e90421c782aab42fd62e6bb0d9457c48bab443a80088fecf4cf8fde1fb931990500cfb39128935ea70668e447c0d93a54286c1417609770a1b832b19dc63bc22cf4265916b8d65e0c51a0580cd9c25721f534dd13db31439d8fd16b8995e45b495f1ed2690207853a71db698afe4411a1cec08950d295bbfffc5d737c258f40ba078ffaf9be2176657945323d3277cf546c567b3e4a53186441f7bc1baf47343868bc53de44c455788bf1e16cab4952f95064e305c6b9a1f213ece2d255c4c8232344731bb08758951e489d0592e0d84bc911fb613ca0361ed455c45d59be6e8d2dd84fad509f957c74d8b8f3ba0d209d4bf5cafa9b62c5d012e729895e650441391b4770a960b087c4fc0a6cb505d27f7e02a1e6050b8269661e01590851f7dc55afec797f9f9ec1f1a0a247a29dd9bee5244bce3ad6ef73339985546a5ef5649d75a1873b91e9a6f1c703b3abdccf544242e82349a1957ade26109d488ef6bfc5dd79207251fc9ce1aa5da68004ec6f48e0bad3468f0d7e2ddd30b8fe75a38407f33118e1ed32f34b95c13329d614db4e54641be5e62013d4531990c62a5663a968d5ecde9d8649427d1c5239201ab9b7652cffa3a2f57dc9cfdba87a3860fc674e7091c3d509e3c970eac6366fd0fa08a18152dca50010c00e46951e7321803aa1fc2115112234f6649c3203b9978b1396dd1f461823fb1c85ab916e4d3c63fc11da7a3dfcc6159a0d2be6c12c961ffc783689ec51c2a7fb4b6255c0c707db6774bac3e03e2506ed07f6277c4136a3e4019d8eebb187abbb112217bd2a91691f6764c9b29438999e5002819b2a980c9874f4e657ff9d2a8431b8f5b9092b6fa65ebb12de8caef8618923b4e51d0aa203f06d71b06f56cc2ccfca06d81919ed3f0c81e366953603d70225018228d9cbe02c1a91a0629eeb360d23976efc030901a76b1cf243f281c43c6ff3531d5c4ba8868ca12e222b162aae06a236846969d899ce3ef738ed7749334ac9ec9bda3fbce09f43377fc506414ced10558719d879f39b4f84530a7965f24b891cedd79dd6a5e036743d85742cb2804b7937e", 0x1000}, {&(0x7f0000000480)="77521e39b80afed0df246dab1368cd8df27a133effed9f28cef81ab994fc9547f93f70144f6e0e08840f5369902c0fd62e5f764164cf95cb1554fe5dade647c33aeee1e713e0c746414dc14edb7ed5eda61f02c88645b80c7d950e69f6bd127dfe59e47087762169e9e6dfb9b8899624834b02e50f6051", 0x77}, {&(0x7f0000001740)="c16ece95051e079dd114f31586ccf076ca4b1d80f018acaccca560869ad6c668f50879d773191a346339a1990b239b0cf643e50455bf9daa4ce87bec0b7e4d9b87259cd122911b6ff032abf1cc0884486b712f3b25a837d14be04a70b5479fc394f801fe232fe0981306a73009c027016f66a62682cee1f8135a476eedc7f8301b3635170f6bc92bed40a86c7f13904b96b83f1a955646728c4d9095a7fb8a67c7f4bbdaddb4960eb764dd3c85aed4325e17c83586ae5c2709c0155b6ff372d6f6868294d72e9840b08964b436de8e368f97d55f20b5952e4f6427c5a92100573195151a40f3954affcf2ae0e68acaeaa8d7cbf68496e69d1f019b072ad88e45f350366f01e2d1c14fe4357d31d0caa4e8d4d80dd61ef6f659e98eaec698ee6c497461ae76676448d5102ffa6c9afee01b9e89425ec26780b35d0b4adc27b3f79d89f9e0694071ca9316d801049eba9cec58d0bd1128693676e59e6dbec8a9f2cafc10032beec76e3a9e4188e1d898b7e62194c000e5d9fa9f3df55a90dcf99ef12f973641f980b01c528363b2b4c62e62f0fbefa07735db0e10f20a165f7eb3b4dd4edca3323936e51a250428dba828308598b7a9e6a9ca86b3b541505480da8ad0b450d4c062546c3a68abba93ac03a5d3ff60fe3532008389e1a77f5ee345c90db7d9d69707b368086e259589466d0245fee2a8326da989febdc908b483e5a43cd4613d7dd556b16f70a90fafe7e2af847d45452f414803b3b4cb494724c80296ba20d1100dd8de6cca56f508e6b0ba25f2379b1d8667105b55e706ea300c49125b9bc05d1c4cf13bd32db4c60e93b056129004ec8c73b0a277296932c17b0bbbeed5db18c63a4a69fa253aae3f733de77c011bd79a93149a25db5ea7418dc060f908d91b1a3c3340d6007e2ce9f0e1d733ecf6dea4cc98973e8ee2ff4f4e53ffc21e81bbe7250db902be129aa8e925e4187485db038416308ada4cc79f3c213283bbe6897fbdd02ee4bf017856ef4130f6371eb5b875afb3a95673b3c4c73adaeb0fcbc7611f402bf561bb0faa79fe08274c2f1d099301f89d16211ff00d62be20dc973f41240e663a4378dde6e1fc6c725a0f9aa4df17c6cadf9d8185dd6932185473dd70f2d26767ebaad77db360d8f6dbd6663f5d3c05317378f55f1846cf40322a316785373a3b3b72d1d5d8e41508e032a6fa3b4d8c43fd05430c01e3e6c51472d6aedb58e520a9fa33d7aa4fe4c8c4f3d10e2024d918c1bd281b89e79f95f3687f1f6fa4439491765d875c2c49a257ca409bcd9a3f8ab32832238679dbb79c2d67a837e37199422c9c9b3ba723bcd347eaf25e0bac26c087bb8d72e636e744624c493e2357b86bb2e47f865eb6f384a0bf831ffac688749bfb16471ed96738309f66d4c732165b0a3ae226b835ca8b8700a36f3033360bc039c35f574de5cb7f6953efae26fdc5f1c9482093fa75c9c34009c7d8c3a78b97f8b871b1b1bc461b72ef111a7f72857349852bb06892168aa5def37bb40fe64a8d1c46c117b1cc72dd1aa765ab2ac7fcbe63615e44b1e86597dbf084f40444f0f5b77915b876465e08fdababbd3552acec25bc85602c0a44b41eb18f0db169f01efcd9410a0499d501a9ed8cee300dc9a4d8d6aedad63110efe730caf92a9b7ca66ad16e88e563b4e78c8d096d6d3e7a36c5d3dc8b6cbc89bada58da5b9a0275ee17a7f796f997ec0d253dc806d1616fc62fcb5a6338021cfce05dd848331713f3723fe657becca0bafcb75fd1c707a184ebf81e51c65d16d46cff6c05c0f95b598936267b534c476e26b12932f249a66923e94370c16aa783ee691f38004a8c91066a5317b65c5242fedaf5bc82a903ede8f9a2a8e9dbfcd4e79fc4c3d5e6393711bf069b785ddeecc51f1f7115caf6f5071b4fe864e1ea7c701ba003c14ce7eccbc5207e204827a6bce956be377d22d6d7b4e5871385e103e71472759dd2d432ca8eee9db5a0e8b4a6f019f6f85b416ed25cb237e5da00145fe5f2be61a80329bc1ea5ee0d016378751e6b06359d6d517e4ee67769170aaf23da194d6b72818738a8baa2a0de923796333efb0494364c98678bbf5aed69fb2d4916e0c88f898a4f176af056a1823c6b84a16ddaa9759a509e8989af890d3b8896f7ea85ef39c40b64d4d6eef4c4bf0c4f700648ec95f7953059e24e9a3739cd315d50f2790534dc09202ab423b7f0c111c1d8a4b32f0c186420469b571cd661f9a07e311da4193406d209e0197b62a9afd1db1fdf201b5ec9f5d027ff5e815cf552557dd603ba545e6835b4e44a3d6b1f429dc8b316300d5fc09547e389316e94acfe49cf75da488965a2ce2ef7d1140194e5fb101c5a5e7bf781b44046c6a722a428dd43e85eb49374630458b81bbbc4901d855e66668b1a6357d772993e69f9136f4a259324ca93065cbec71f075ace984f9f185fa743bd09e6ace493b0e92540ef65f5b33225da7290592fee12e8ba3746ee92336260fef140226790696c367ecc09574fdf6cbf276eec63709ac892036429ff25ff98e7f0409277ae9f18e7ab0b09bddbad9e8cc653793aa85c7695382eb1624034ff366c582dd01f984e9a5af4efb7a7a14bfebcdf133b12188ec1cb6786d2a28f1153589966f7eee76216b492d47a39a9518444481d6e6e85328527449e243f27a498ce299f5b6739a78a5743e855441c9a617676f29a26880b63502fa74dbc5ed4ea314e7eca03df70d8c56acb34482d1964176fdf922c0be6c693b9f2d438ef79047cd945eed529375bc852696c4b322bab9884a0ff185527bfb84aec6dfc6ad8b01b19e29fcb071ccd433521744b2a36325bbe86959839a1021b394ba763858fd711586a59444df8da7999eff1bbef8006ecfe4285df0587d73cb46977a8ce2d52369086f7139375e2df6fd7aa865da8528a901f24af45d256e3afa03f097415294b2140e335d6a58d7600be3aec904b6927c3f9af0c8b1cef08349d6451f740d5886b6820779baf85ab5057c096adf4e529468d2bb6fa37d21cfd7f6a71cedaab6793e354a83bb78fd51abea3581b30c4c3834d564c284a6862fbf717615d81bba711cd0e718881ace2814d4b66f164a7f31268f92dad8e42b3e44aeb4fa7f70e353e6e3e138801381c1090f68e8d4ee23931bd902b404879f99105809c5891ec41e0682a3086e9d4bd0219624744f33e53e948da70df09b0b23f463ecea9a52eb30fffcd5c405b462bf97d33051819033b16b02374001289f8fef855574609e45ec470dbc448ff9a4787d9fd9c736133aff558a6fe6e610d317f873652ca1bb1383675b2d5986a134649a453722f4e87b9a5512ef51e90ddd46592f19c4d8e3caa492b8a1879c19bbc118cec43beb6684475cfd9bb402eb3ead4507dbf2e95e426bcbe3ccacee2e2dd26ba5a170f5aa1fee0ce8bb01ed1efbe867cfed757529d1df0546dee9bc3a55c52b29eb8ad5b3e9abb4de026ff494c136954efdb7844bd405a0956e18fc343d4885e8395a12b3c5752addcc3460e297dba34cf1d33261d0bd98c25c9d3cb9fbce1e64a9c37b90762337b8eb23bea3a03654fd6c01b2e258dd2b44cbae1b8ce1b7e738f6be80dbc9d92a12bd84207ef001dcdb6237f1c95dd8104854cab5bdadb616b438883f1a268fec38930ec08b8e533f4d56775247d4d929423ad1a3ba54353f4d26088fc7670bfcc0deb779b864d92f007d9010760df24fe957ceef80a77c3574de01d547b3beccf0b90a050fe4f258934ba7110edf8ca6ce36c30230e22c17fd7db67811f7545e16e819d25c5927d66c4ce2d39a6c33ec3036256ac48f07cc1698e23c17a61169f61f90b8bcbdaf9b70496f982e4aa03dbc57bd685f59c6a29eb9ccf5e6e04cd85c0501862e04054f2d0516f4c93cf3aa655187ad6e4433c5e8deb4ef8e9a15930d94e143b2e9bb3f848a71ef261193041ec1633e8cdbc50b0b6c725c22237f5cbe1f948236cb36569c33663f742fa0cd1b5b4da7b23ff90145c44726156c79b1130c69425556ce0e1089b196f3383d029f30f1ac0c6baff963c1a5bb47766966d0503b7cbeee48a91c37b06b6b0866f8c284e47bec67fcac5f51ff2044376904773958e78f1086f19ae94ea01b23fabc793548f3b9785292326a81ca5c0e250716b51cd3e548ea9f8d1a2f619b956eaf7b707ebb16c0e37d1d8f41db4f34b146db922f33380ad826e5eb71d606bc38ca1b8dbbaa747dd66e6fbc24d61c6597adc9706a9896fcaede7e91a32b4842bc209508f32fb4006fbae0ae0ac114b739dc65774ea6a956bc03a36e43eec15d9f5c71f7411b997814e52b1f6025c8d1c671068ec6080fb3610408c2f0ce2037d414bad71bc8cf8f411e9ff64629f4e94a7e994fbc203f9dd345f32906a8f6d3053c0db039234e236522a7e3f5521d266fe5fdb2ffa54c42b0ad557574980414a1ae327e6bc85e76c5819fdab89c25443289b656b5537bee44d81e9743c88e2c47a16931ff169535274b2a132868d6ab10234f87f5c4721cb7aff8a9bcc99f35377741e858d7381a7827c595a9f6d897922f8e32ea271fffefe3eaad9fb7d94174aaae9a81bfdab4404d04e7c0b989b58939731592bb8f76d669aa16cd33a5991c55d48c729b7ab3049c4c2509b522aca0c318aeeb4f88dbe6dc07d371952d48937a128ad20325a112c29c959a5b84d2c7857c02bffdc93913852e8ab78e70690f82c8c3e71551d6660fbdd5c8d7be6d102019cc5d49dcc4ce7e23b6fb1f56e893bfd020fd1a646353cc14b81885330c6602d0eef3ec1cf962f9bd19c32b73b03a8eb760f17c71014dcc19d7c1a6bb83616fcdc700928394dd61b4f60a3ccbd6114dd4f3fe678374ef9aac55bd5934f7dd6abdd284447d534347c4ebba2b9113adaf644124023022062b61ae64f440089c07d77d6517b570c3946f85f114ff3f9054b472bec69f1c9c4f45e9dde3ff3255fbd4078200c051a5db365397dbdd7471f26ebc094c33e21908c43bd11941daa0231ae16057d4655281b66b96954a815c2c33876a02106c48f45b49aec0c9ee8f7f1c31ce1a1e0dd808be0e7ba117cd9cd31327ad347b9f9773415350c3f40806d8f3336c8e11f0a4e49150f1112a6a9da5390cfc014a3c8fbf2c2e780fc690c509271ec796611067072a6896d9d2c268d7fa21fa9d6421de8e191d4f9bfd4a21410d8d68f13fe215469f0a95f1de9f982c36e99fc011d4a36d580b1fff160654aa9d91242e0566bae2b3a2feb43c3a33db2ae6f5c277e285fb3bba3dd751f109ab6253f66044f0df6b90e6367918e1b6ce863335c39e8af2536f2812166931c946bb79c62ab4e3f4bae699b26c0046e3bf3dd32e2745f7accffe6ebc7e86fda7c17a64808b58fb8201b28105704e7951e21b63b8a8725c8d181760526f3cdcb0ea6f2dbe89f2005033a1fb0178024e893e09ade198ce5e5aecf07eb7f55690f71fe8a5e33cab4209418a0e97066d006ddb6575cee741169cf119ab0613bddb2da654245c74ed210887829db3a5486a1ae7940921ed4783e303acb4c42bbcaa57e4eaba2fc3c677b70d18c0abc0050cccfa04f492cad795e1c31c57e2446efecfb1f884236c94e052d724431a66e7b9c624cb8abb98915922dfaadc2831c0923d14ca2ed312cbdadc43150ed5b1878c7fb10c63d0777182cce933629cf1fc8a41749586d5b9586bfcb7496954ddfc7a7f9e3aa9e1599f947e9100a3f2e753dda19191b2279b8a994f61abb89a4d82349d0c02ae66c0bd6f26f3a017854578e", 0x1000}, {&(0x7f0000000500)="f708b7e1935e0ec9e087551aecd31655d1de45da69e4f962d7fdef0ba584a6d359bbea1fa74399130885a9579c89365cbf1f2272ec45add7d6b27e8e10d3378ccd5cda34c93a8536ca030509509f7513dce266ce1362563d1316e8d93d7d9272952133ffb2f8c91021855dbe9497d7b1c87ee9b535dfaf86069849fc80bd5c02d7182a4cb7c8a83241d691caefc93f8bee4957da9149", 0x96}, {&(0x7f0000002740)="c52e107bcb2ed4393212cb908504d4831a5fb04397a3736b4bc47349a68e560649ad2fba8dd8d3e6565005986d95be3c9647b8184a6886e2556f79e0bc944b269687ae441251d3f6ed7e6b05a8732340f582f1197b8dc8897849f7e00947b2be99fec4e8bd00f6ff90ebbb18cdac7d9e6809e372fb9175c953419f91b894004b02eee837803ecdf134899319b49262fdfdbef379e17883053b304a9973437fffd06d183118a0dda5c8d4b22b0c60d6e72db666232ff4eec757e4fffd9bbbfb3cf1f7d3d55f4567efc48286d4179d75ed2b960dc1d05e2d50aeae19e460c8d1fca0dbc6ce0696610ffc499ed6caf8506f77ff1a035e73b45ec58c3cb587d942e3a2126e7cca2f82d1b6982aeb1ac221cb9419b4b129446e6657068a09c0bfd020c5d52956c1e54e1568872befba771b60c249fdfc8a2e281d1303ca64b59f5b3d61dc36a41369f0c9191ebd7e0d2ed97dcd04024aa75f097eaf7693fe32a220e5c3128b15eac72fb6baa407a5a53b98a01ab1778ce4cdc633060804e8e660e3a66d87d1888a44eae325e8c75e5c2d2b9698e1b5903064e96b06cd83da02c59ca22b73fcce93fb93a67ef3d9de8f8eff09a3a8906201d9cac311d3aba49a47614e3c85440e35c5ecf77e39775e0b659c83920ce3a6ebb41746349feb6bcd797473dd373c9167a4b7e83bcd555d7d74d056a6f7784f04635580326e35e383a1ce02ed050fed3aea401039f955763abea446e8ac630ef2dd0b653885ab8c4157d637b36d5732439bd9909a57b983d3d1e0567e846ac12d72aecdfe1ebd0b9e407eb3aabfcaba598c0540485fbb930ce8e032ce2bcbffe49f583a20f3b00676fc889eabdd7fcd797b983b907a06180307263a45735523b85d337a7a2eeead34fb41e14d496c0464b8b41d840ca1717ea59d79ed26a01cf011273f529ec984f3a854c11d4726c8e1045ad6e972d32b4d250592241d8d785c5b840cef76d4e325414d980767914d63f7d95bafcdec785018e6ca5820f840a0ab8f40391eca30f20cb09f717b4364e5b9a54bd0c7b8a0fe30777232d1b01d09eba9f2188566c8a0fd73a1c4be2891f0e1081d55e49942435989fcb854283fe229b298f538f6f13236fa953dbc81c2545accd0e7bf59c329b74501cdc12f289071ec873eb43b194ba5ce8131455270578e82aa169cf48703efb0f6b2c4c2292e0debcacc8515426c4ecb83443da8962f66710fd24adecbc997c71db8608ea912e8e2f0421b84c7d8d427ec106fc9170807729b02a61da9254f5b042b4a46f6328dd5c7204f705611d9e3fe5524cab486e1da405e101dd6b3cd2521c61f91cd27eb820a4c7d7005ce6d0bc8a4af32773f8b113fb1f71b791ebde167497ff3751b2a2be063b3b6d2d933bf545229a982848a8eb429007d275e1ea24980270b74c8ce25ac1954a1bb659ad2a2e62ea043189d9128e6f263f6579f06174954212a6abba51af10188348aa5a8c582fd635e05ce2031d16d960257ceb98ca220636d766ba1016fd22a273c9e2a22380a5397cc485928559311b98e1cfb7479aa9556d3ad0fb4194b807829d1f19efbc2b2fd136e1e24c422fb50001195b330a74b9b743bcca9947ed71f229fce7b8b1093d244eb787d47fb9f5899b92aa5707a30f78ab7d571babfb1bce9a40306c3f6059f8338ce1e27dbe27d3ef10cb12a2123af54de1cfa330f1793d23b6cd0ff46ed0b48c02713845395740df4a8503cfad3ebd573058c6d9fa44f75609f2eb0b684582dcf47afec0424347876acad7af3469a94accae153f28571cfb2dfc090a7f0ed7823a40f1eec80efe16a2df6bf73a7fc9f9daa819ebbd58937a4370e7fdaa28421441754e7dd79d94c707000e67a3d0309940f594f9b9d890f076d2b08e68448271cb671c828732857b3115df4e9285d82763b72adbb5cb1b701bdc033a23b8538dccb6598b38dc3d1b2ceaaf224029426c607135dbb142d86fba7d26fb26a9ff5410bb368ed4201d668a19c3dba3824433073b7318215ebfd673b5ceac2eb88860c62eb0eae47b5ab9a9ab5ca861f33ac6e039aa33c1e4fcc097550eed3b75315c5eeef4511dae02b9a5924318eeffff32bb06a2e091a6e4834e0b8bf0511dcf3480f07338b48ca9ed164cb79f7adb7e6039767ff5d5b350e5b7502d145a8cc7b6eec29f171c8383ef4d4a5df227417d9fb2df18c8ff14e5cec32d2a6f2ebe787b1dc5b78ba34f347190c818e7250beae4d247b079db0520c0cc4c22a8ffdc28e9849385acdc2fca7b251ee53145a4d174dc8cfc669e3d8c32a56f88c942d41fb149f216411b1b451be18071554cca641def6bc6621e71769797850a75582076347f7d880f3be6bfc408849f2d220e00a96427b8693147ea0018bd9a69051046c9d58c84a433ca307f9dbb4067f19bf3695c17b368e2670879d3995787c8333a2cb92c7bd9f8d1f6061bda5f83a6e2b8ee16e826e1d31fd7ff916e434c46033eb6ca8f766cd62b32772da5033f0fc9c93c8b9c9c7e448326ea1d728c17e9630efb422be43e2da9a271a0d9f23f5f4fcaa97691f3808049b74aac5d4ebcc2dbdd8000eb2452203ff43053d6ecc7addc05a8d3e49fb1d09aa53e748bd3812cb7d8ef6fc10802cd229c9b9b93fb67029916e58799c2ae03e92af8772e1964302d370bc5ce7bb4659c442f121166b3390cddea5953edc399be95988cc97e2b8d9eeea5832de9ae0fa3488d97a5ecbe5598c9c72a147731e7dce736a6b902f771b47fcc1080aa3f9bc6c32b15f7fc3cfeed47ba8100684a7f4f3a5c5b90e564205529c01fb5a2fc452f82355472bba7b11aaf9a9deef83d2cd131a08332d5762da636c9a95d770b01f08652196539f6de8a4645e23da7a7bb8601b63cfc5131f7983a9f5b3c8780e9af3cc0857a1aee1b1439ff24fc5fb6232a7a49c6bfc72db480ac29886af3113e82f35cdcff662dbcc21e9886b3dbb5f914b3323befc74de56d1096a9471d543e7a87bb8b2c1b4e5c9b181255dfc6edb62e1853ebb8a845e3ca5ff5a816a0df2187d86842d51040a5bdbce9dade976ad95b5b174c3c709571a187eba010ef8112de303650a5b0a3276873b0ed33a7c4a3307414d9ca4eec8a8e724e5aafc14361b2580c459bea48ac53295c591ce7486d1809789a9eb14f110e9e81ac97418365b46b1bdcdce6223e8473092be617b17dcbb729ba6ef813d8275f2f1815fe3423dca54a25126007743e4faae161b6a852ebf0af1fb3de3f1725542bd276d1db61fc059f617d6452ddfaf186a71ea569e7e2191059ed01e3214530e31ba0d658881930862426336e007d7eb311bf4cc621068294bb204bbc20eb78d917fd10b1e13b9bd0e74f2ed717ae999c2335c561d76564a52e0743f4b16b966a3e4a1de48758afb92dedf80785be73c697aba73128d8d274c58191e31c833dcdd4ff20c79acd8bbeee38f42e61875a5bc04fc2b02bb80ca4b22426dd6af047d381f53664f73fcc0fa8c5214175a163f9d81d5dc53c9caadf2a6ef02a65d35eff2ac4c15cd4b1371b89f151ea5beee8f7e58a6aeb420b4cf7e55af863c12d2a063715842764b6495ecfa71d4dac91ee79338f57e6110b034c033819e1cbf40a602b9b91527f261706970be0cd1c5edfd52c3ab1412aac48613046e184b807bb114c4a0afa996a177d831584b30dd0efded213edf329c9b9b3c8f9ac61044747281098ba4eb6b768ac09e5271a4677316b06cf94dc47e2e1c8dd4881166f423df4d8aab6af011435ea1f38f55f18eb6abb568e00310f01a27668f50bbc8831d7fc318accd5b42c35bf642bbf4eb52b1bb471b0b529dc4e0fc79eb586e98b821df3a2ed94013aa36387d0cd7283788302adb348d2fc930f83b7c8511b050bc5971c1088fc7f5d04f4fda44aaf95d822cd39cdc22faaa83fc883480a86c39bd3ca9908c50b8db972319d9da60e1fdc34de1749deda3757d8db23190e83a7cc1ed04928f4d2c998790758d7fd70b634f550537d12d40e7a789ea1a5484af1cbbae07c7c6dce270585c8253e267920092b00e707540b78b64083d1dc7b395cea5cfff7e4d05801cfcf03eec63901209f53e23889d7311d3ab756785fd8243e3f9a9303d1e89b06c84d725336319b6f1160d8e5037e14ae911a249fd7212c16a459de866c2cd6985a3f87c69cac531c2a06f4f9bb8e50fdec46c0e0efbfe7d03a2df433a192629665682ef706bd8cae88151e3139684f6b66af48819f14c223ff1eed30e7d13d6a5532b8b195b058a0b37f9c3ec7c7ba15582f79ba8f463dcc2905e0a238fe89ca7833eea6cc4c28f84ae63f9ae8cb853745c626e3c1c47369101418500c8043c16723e873e83a5009493018b85676ca0f56434831b7c817e69983e47b184e6fb8cfb18418a30732a6d0b4a2c606e7590022427dad80369a4a4d332147fc8b8b703f0faf5378f9c8d5fed8d633774cb6690cd31b0716e01acd14a9c41dc41b29b03351cded743095409d0f7fbf4e9339b5a310beb2aa27b64366cc82152f0e68ae18b897a7a55bd429f78428b09a4a10005203e350b0391d6753712f058275dd17a544e2cad606ca3e576b890af3466eaa795730fc3f97d3fbf0c609e6ebf017407f9c8967ca8473eb1f59da33cee8124c6bf7b921a6a17ce0d29b7bddb9849d7e419ddeede63e94e2e734ba6252ee28661887fb8d5c5325a47a58e9d2788cdccfdab95df7b13447fbec22b1dba8df7ce6d0faeba0d4f34f6bdee04c294152f617045b30fc7c676de00966cdb23d47f917e88834dc2339cade7aab4dab9b1265028263d00b438e56667f1b4a7b16d6b2e3490a22b8620c9184f4df120f285a065ed2142be30497964fc274fd4120a829a428d2036335cf3260fb8d8bec1d0cba3f4b6b35fcd92347bf7e77a389793a772efeac9a6422deb8ce86e77c1d80f25befdf65f2b989c169bccb45a9a8dcc38317cefbbd42a30a44f9c8ea6f6af39e5d36f7fbaa673dcaf6e56cd9ab0d6500aea86aa42c5088f6ab1834fdd03650a5706c7bf3be45de09bda6f7c785276c0a7279c5028ebe9dde0ecf10eb686bf4b5848dde477f023ae901bdc9989a134ac7f8336f234aed1c8358470ad953a9acd639d22989ac71613d93f2db7b1f13e10b685e368e05b032ba2386e5ea08f6b0c702614bd73f01284c2215b4aa4636771049bad8a95791dfc6f7668a977b46fb5aa82a17318e1af2b215dac50d877885e2596c922a45e3bb1c7e3fd3a6e0158f9050e955bceaa66a786613159e4382d3761cec71b918b623636d94f2afbfa00504aaa63e9df0136debb4a7975d1af35a475b68b2ea7d0999a49e8e568f537dc40673c6798ce93173484ae2094899adfe2d43f047a6ae549ee41e6da1eeeeda1bddaeb760f24bd1bc6d2092ac6dae7a8070a5d2606f447e8eeb61111816cd17ad392217ceb7cd64c5680c563aa9f66bb263500de50f43ae9a0ee4f273d37f8613520877dfe89b0561906e67a0e50d2291bf2295c9d2bb4312de2e668e5748c8988e79b9fc157bfbeec7ad1acba05c5be4d92d2af937549b644df0ac7e9e8cceb343d0146426a108c617c2e3894c63241678317914f2d2530e321de4bb0126d8cb8c096db7c316c24b28fc879691592d6d88a849719a991dd03546e0ce6349ee953878af5051c46c4479d9eca03d1ad676c7e7f3a06156621fff70a976a96c434d60963d7ceedd71a13fe450f353d08415fdbaac987cf01f00b5a9466f9534b6baa86c9f6b8d938777e6a39ce55568680482fcad53fb667eb0652", 0x1000}, {&(0x7f00000005c0)="87b3f6cdc5085486328de3fe8a83c56c1cfa9db2050e1138bfa706f0a61d5409a04e9fa0faa48099f76717990e441cc2ee0d486b20a631bfc49240c1cb8a355811b6dc8121bae898828894cd085162e138ea4d31b083ebc7ad419c9fd96be06341c41116966fb6268399f74660bba3508b1d786bb873f47af13cd9c2e6eddbcece6100a504a5b02c1643390a234f95fca1517d433da4febcd83497c7eafe2719f880", 0xa2}], 0x6, &(0x7f0000003740)=[@ip_retopts={{0xb8, 0x0, 0x7, {[@lsrr={0x83, 0xb, 0x4b, [@multicast1, @local]}, @ssrr={0x89, 0x1f, 0xa8, [@empty, @private=0xa010100, @broadcast, @remote, @dev={0xac, 0x14, 0x14, 0x1c}, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x86, 0xd, "9502476d7005983136a877"}, @cipso={0x86, 0x6f, 0x2, [{0x0, 0xc, "3c6fad57b963ca4f57d6"}, {0x7, 0xf, "46a651cc304951bd586c845136"}, {0x1, 0xe, "ecbba3f93b04ef6ca7dfccd6"}, {0x5, 0x3, "7f"}, {0x5, 0x10, "40555980e9620baf8fca225697b6"}, {0x6, 0xb, "50103fbabee7de48c0"}, {0x7, 0x7, "d3cfb2b2be"}, {0x7, 0xa, "971d653c167fc9fc"}, {0x6, 0x11, "6d3ae69588f8da48ec5399f235727d"}]}]}}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf3}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xba}}], 0x118}, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$CDROMMULTISESSION(0xffffffffffffffff, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000003900)={'wlan1\x00'})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000003a40)={&(0x7f00000038c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003a00)={&(0x7f0000003940)={0x84, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x40055}}}}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_KEYS={0x58, 0x51, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_KEY_TYPE={0x8}]}, {0x48, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "ab952b3b7b7e10f7cd9a6672f8"}, @NL80211_KEY_SEQ={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_SEQ={0x13, 0x4, "d89473bfc869826efcc2e7c528006d"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "6bcbdaf778"}]}]}]}, 0x84}}, 0x4000050)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
r5 = dup3(r4, r3, 0x0)
ioctl$CDROMMULTISESSION(r5, 0x5310, &(0x7f0000000040)={@msf, 0x0, 0x1})
r6 = syz_open_dev$vcsu(&(0x7f00000003c0), 0x80000000, 0x440)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc018937e, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB="02000000f8ffffff2d2f66696c653100"])
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x20, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000003a80)=ANY=[@ANYRESDEC, @ANYRES16=r7, @ANYBLOB="00032cbd7000fedbdf251c000000"], 0x14}, 0x1, 0x0, 0x0, 0x4084}, 0x2400c804)

17:44:21 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:21 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 25)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:44:21 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:21 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 8)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2708.102713] FAULT_INJECTION: forcing a failure.
[ 2708.102713] name failslab, interval 1, probability 0, space 0, times 0
[ 2708.104608] CPU: 0 PID: 30871 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2708.105686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2708.106965] Call Trace:
[ 2708.107382]  dump_stack+0x107/0x167
[ 2708.107955]  should_fail.cold+0x5/0xa
[ 2708.108549]  ? security_file_alloc+0x34/0x170
[ 2708.109224]  should_failslab+0x5/0x20
[ 2708.109803]  kmem_cache_alloc+0x5b/0x310
[ 2708.110417]  security_file_alloc+0x34/0x170
[ 2708.111064]  __alloc_file+0xb7/0x320
[ 2708.111625]  alloc_empty_file+0x6d/0x170
[ 2708.112247]  alloc_file+0x5e/0x5a0
[ 2708.112798]  alloc_file_pseudo+0x16a/0x250
[ 2708.113433]  ? alloc_file+0x5a0/0x5a0
[ 2708.114035]  anon_inode_getfile+0xc8/0x1f0
[ 2708.114673]  io_uring_setup+0x138b/0x2980
[ 2708.115327]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2708.116117]  ? wait_for_completion_io+0x270/0x270
[ 2708.116877]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2708.117681]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2708.118469]  do_syscall_64+0x33/0x40
[ 2708.119062]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2708.119842] RIP: 0033:0x7f44bdd8db19
[ 2708.120431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2708.123343] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2708.124496] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2708.125546] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2708.126598] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2708.127645] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2708.128713] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:21 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfsno=', @ANYRESHEX=r1])

17:44:21 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:21 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 62)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:44:21 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2708.201910] FAULT_INJECTION: forcing a failure.
[ 2708.201910] name failslab, interval 1, probability 0, space 0, times 0
[ 2708.203533] CPU: 0 PID: 30876 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2708.204644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2708.205812] Call Trace:
[ 2708.206209]  dump_stack+0x107/0x167
[ 2708.206745]  should_fail.cold+0x5/0xa
[ 2708.207285]  ? create_object.isra.0+0x3a/0xa30
[ 2708.207932]  should_failslab+0x5/0x20
[ 2708.208482]  kmem_cache_alloc+0x5b/0x310
[ 2708.209087]  create_object.isra.0+0x3a/0xa30
[ 2708.209719]  kmemleak_alloc_percpu+0xa0/0x100
[ 2708.210364]  pcpu_alloc+0x4e2/0x1240
[ 2708.210900]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2708.211471]  percpu_ref_init+0x31/0x3d0
[ 2708.212034]  io_uring_setup+0x47a/0x2980
[ 2708.212623]  ? __mutex_unlock_slowpath+0xe1/0x600
17:44:21 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

[ 2708.213450]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2708.214164]  ? wait_for_completion_io+0x270/0x270
[ 2708.214860]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2708.215607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2708.216361]  do_syscall_64+0x33/0x40
[ 2708.216896]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2708.217614] RIP: 0033:0x7f7f12293b19
[ 2708.218138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2708.220746] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2708.221809] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2708.222802] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2708.223796] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2708.224803] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2708.225803] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2708.244847] 9pnet: Insufficient options for proto=fd
[ 2708.280288] FAULT_INJECTION: forcing a failure.
[ 2708.280288] name failslab, interval 1, probability 0, space 0, times 0
[ 2708.283418] CPU: 1 PID: 30884 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2708.285072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2708.287006] Call Trace:
[ 2708.287603]  dump_stack+0x107/0x167
[ 2708.288398]  should_fail.cold+0x5/0xa
[ 2708.289212]  ? create_object.isra.0+0x3a/0xa30
[ 2708.290189]  should_failslab+0x5/0x20
[ 2708.291014]  kmem_cache_alloc+0x5b/0x310
[ 2708.291959]  create_object.isra.0+0x3a/0xa30
[ 2708.292920]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2708.294000]  kmem_cache_alloc+0x159/0x310
[ 2708.294902]  vm_area_dup+0x78/0x290
[ 2708.295675]  ? lock_release+0x680/0x680
[ 2708.296559]  ? mark_lock+0xf5/0x2df0
[ 2708.297357]  ? lock_chain_count+0x20/0x20
[ 2708.298229]  ? mark_lock+0xf5/0x2df0
[ 2708.299011]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2708.300119]  ? lock_chain_count+0x20/0x20
[ 2708.301036]  ? mark_lock+0xf5/0x2df0
[ 2708.301853]  ? vm_area_alloc+0x110/0x110
[ 2708.302733]  ? __lock_acquire+0x1657/0x5b00
[ 2708.303676]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2708.304955]  ? SOFTIRQ_verbose+0x10/0x10
[ 2708.305825]  ? vmacache_find+0x55/0x2a0
[ 2708.306661]  __split_vma+0xa8/0x4e0
[ 2708.307450]  __do_munmap+0x365/0x1260
[ 2708.308254]  ? arch_get_unmapped_area+0x450/0x450
[ 2708.309313]  ? lock_release+0x680/0x680
[ 2708.310231]  mmap_region+0x7cc/0x1500
[ 2708.311052]  do_mmap+0x868/0x1370
[ 2708.311797]  vm_mmap_pgoff+0x198/0x1f0
[ 2708.312629]  ? randomize_page+0xb0/0xb0
[ 2708.313672]  ksys_mmap_pgoff+0x41c/0x560
[ 2708.314545]  ? find_mergeable_anon_vma+0x250/0x250
[ 2708.315803]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2708.316922]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2708.318025]  do_syscall_64+0x33/0x40
[ 2708.318868]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2708.319988] RIP: 0033:0x7fea1df7ab62
[ 2708.320800] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2708.325054] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2708.326699] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2708.328232] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2708.329794] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2708.331350] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2708.332899] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:21 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:35 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 26)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2722.174361] 9pnet: Insufficient options for proto=fd
[ 2722.185790] FAULT_INJECTION: forcing a failure.
[ 2722.185790] name failslab, interval 1, probability 0, space 0, times 0
[ 2722.187339] CPU: 0 PID: 31002 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2722.188264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2722.189388] Call Trace:
[ 2722.189748]  dump_stack+0x107/0x167
[ 2722.190257]  should_fail.cold+0x5/0xa
[ 2722.190768]  ? create_object.isra.0+0x3a/0xa30
[ 2722.191383]  should_failslab+0x5/0x20
[ 2722.191888]  kmem_cache_alloc+0x5b/0x310
[ 2722.192432]  create_object.isra.0+0x3a/0xa30
[ 2722.193032]  kmemleak_alloc_percpu+0xa0/0x100
[ 2722.193648]  pcpu_alloc+0x4e2/0x1240
[ 2722.194154]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2722.194705]  percpu_ref_init+0x31/0x3d0
[ 2722.195239]  io_uring_setup+0x47a/0x2980
[ 2722.195784]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2722.196421]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2722.197129]  ? wait_for_completion_io+0x270/0x270
[ 2722.197780]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2722.198493]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2722.199173]  do_syscall_64+0x33/0x40
[ 2722.199674]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2722.200347] RIP: 0033:0x7f7f12293b19
[ 2722.200848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2722.203523] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2722.204537] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2722.205481] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2722.206642] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2722.207695] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2722.208661] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:35 executing program 1:
lseek(0xffffffffffffffff, 0x9, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f00000000c0)={0x0, 0xfb, 0x9a, 0x7, 0x6, "5c0cea8f7fe4db033c98dbbb37af5c6b", "33ca0541a974140e5295800ab5efc70e5eeb93235c7dc596a0a0fa711a9d270e00b3129d1114da1b781efc271ce22b25f97b04ff8bdac5e3e48c19a67f7e8d2ed7978bd3e3c532e331972240a2cc930943dbb1bebe53ad437d808082a7f5759c68feda3a6f81386d73ea1344467b72345d67fd6b020a5df2a462c53e83cb0355a972e70e9a"}, 0x9a, 0x1)
r1 = syz_open_dev$vcsu(&(0x7f0000000180), 0x8e, 0x400000)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x123a03, 0x0)
dup3(r3, r2, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r3)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r4, 0x0, 0x100000001)

17:44:35 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:35 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:35 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfuno=', @ANYRESHEX=r1])

17:44:35 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 9)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:35 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 63)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2722.237107] FAULT_INJECTION: forcing a failure.
[ 2722.237107] name failslab, interval 1, probability 0, space 0, times 0
[ 2722.241337] CPU: 1 PID: 31006 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2722.242845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2722.244640] Call Trace:
[ 2722.245227]  dump_stack+0x107/0x167
[ 2722.246036]  should_fail.cold+0x5/0xa
[ 2722.246857]  ? create_object.isra.0+0x3a/0xa30
[ 2722.247844]  should_failslab+0x5/0x20
[ 2722.248682]  kmem_cache_alloc+0x5b/0x310
[ 2722.249564]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 2722.250763]  create_object.isra.0+0x3a/0xa30
[ 2722.251706]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2722.252836]  kmem_cache_alloc+0x159/0x310
[ 2722.253848]  security_file_alloc+0x34/0x170
[ 2722.254779]  __alloc_file+0xb7/0x320
[ 2722.255595]  alloc_empty_file+0x6d/0x170
[ 2722.256478]  alloc_file+0x5e/0x5a0
[ 2722.257266]  alloc_file_pseudo+0x16a/0x250
[ 2722.258178]  ? alloc_file+0x5a0/0x5a0
[ 2722.259025]  anon_inode_getfile+0xc8/0x1f0
[ 2722.259959]  io_uring_setup+0x138b/0x2980
[ 2722.260882]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2722.261990]  ? wait_for_completion_io+0x270/0x270
[ 2722.263056]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2722.264186]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2722.265317]  do_syscall_64+0x33/0x40
[ 2722.266120]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2722.267295] RIP: 0033:0x7f44bdd8db19
[ 2722.268299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2722.272849] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2722.274496] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2722.276024] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2722.277582] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2722.279181] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2722.280734] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2722.281329] FAULT_INJECTION: forcing a failure.
[ 2722.281329] name failslab, interval 1, probability 0, space 0, times 0
[ 2722.284064] CPU: 0 PID: 31008 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2722.284973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2722.286051] Call Trace:
[ 2722.286407]  dump_stack+0x107/0x167
[ 2722.286877]  should_fail.cold+0x5/0xa
[ 2722.287368]  ? anon_vma_clone+0xdc/0x590
[ 2722.287890]  should_failslab+0x5/0x20
[ 2722.288520]  kmem_cache_alloc+0x5b/0x310
[ 2722.289102]  anon_vma_clone+0xdc/0x590
[ 2722.289616]  __split_vma+0x17c/0x4e0
[ 2722.290101]  __do_munmap+0x365/0x1260
[ 2722.290589]  ? arch_get_unmapped_area+0x450/0x450
[ 2722.291206]  ? lock_release+0x680/0x680
[ 2722.291712]  mmap_region+0x7cc/0x1500
[ 2722.292208]  do_mmap+0x868/0x1370
[ 2722.292677]  vm_mmap_pgoff+0x198/0x1f0
[ 2722.293184]  ? randomize_page+0xb0/0xb0
[ 2722.293706]  ksys_mmap_pgoff+0x41c/0x560
[ 2722.294224]  ? find_mergeable_anon_vma+0x250/0x250
17:44:35 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 10)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2722.294851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2722.295684]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2722.296341]  do_syscall_64+0x33/0x40
[ 2722.296827]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2722.297487] RIP: 0033:0x7fea1df7ab62
[ 2722.297966] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2722.300299] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2722.301263] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2722.302158] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2722.303061] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2722.303957] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2722.304863] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:35 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfwno=', @ANYRESHEX=r1])

[ 2722.366454] FAULT_INJECTION: forcing a failure.
[ 2722.366454] name failslab, interval 1, probability 0, space 0, times 0
[ 2722.369208] CPU: 1 PID: 31115 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2722.371392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2722.374037] Call Trace:
[ 2722.374820]  dump_stack+0x107/0x167
[ 2722.375769]  should_fail.cold+0x5/0xa
[ 2722.376770]  ? percpu_ref_init+0xd8/0x3d0
[ 2722.377840]  should_failslab+0x5/0x20
[ 2722.378835]  kmem_cache_alloc_trace+0x55/0x320
[ 2722.380023]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2722.381085]  percpu_ref_init+0xd8/0x3d0
[ 2722.381421] 9pnet: Insufficient options for proto=fd
[ 2722.382119]  io_uring_setup+0x47a/0x2980
[ 2722.382150]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2722.385077]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2722.386385]  ? wait_for_completion_io+0x270/0x270
[ 2722.387831]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2722.389204]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2722.390541]  do_syscall_64+0x33/0x40
[ 2722.391518]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2722.392856] RIP: 0033:0x7f7f12293b19
[ 2722.393805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2722.398527] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2722.400494] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2722.402335] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2722.404170] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2722.406007] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2722.407796] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:35 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:35 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:35 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(0x0, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 27)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2722.493508] FAULT_INJECTION: forcing a failure.
[ 2722.493508] name failslab, interval 1, probability 0, space 0, times 0
[ 2722.494857] CPU: 0 PID: 31197 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2722.495656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2722.496631] Call Trace:
[ 2722.496945]  dump_stack+0x107/0x167
[ 2722.497377]  should_fail.cold+0x5/0xa
[ 2722.497822]  ? io_uring_alloc_task_context+0x99/0x6a0
[ 2722.498427]  should_failslab+0x5/0x20
[ 2722.498871]  kmem_cache_alloc_trace+0x55/0x320
[ 2722.499406]  io_uring_alloc_task_context+0x99/0x6a0
[ 2722.499985]  ? io_import_iovec+0x1120/0x1120
[ 2722.500498]  ? lock_downgrade+0x6d0/0x6d0
[ 2722.500986]  ? do_raw_spin_lock+0x121/0x260
[ 2722.501484]  ? rwlock_bug.part.0+0x90/0x90
[ 2722.501982]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2722.502540]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2722.503150]  ? alloc_fd+0x2e7/0x670
[ 2722.503583]  io_uring_setup+0x1fbb/0x2980
[ 2722.504070]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2722.504673]  ? wait_for_completion_io+0x270/0x270
[ 2722.505246]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2722.505859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2722.506455]  do_syscall_64+0x33/0x40
[ 2722.506885]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2722.507479] RIP: 0033:0x7f44bdd8db19
[ 2722.507910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2722.510028] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2722.510907] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2722.511729] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2722.512562] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2722.513386] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2722.514208] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:50 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 64)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:44:50 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:50 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:50 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 11)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:50 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfd\"o=', @ANYRESHEX=r1])

17:44:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x301442, 0x0)
sendfile(r0, r1, 0x0, 0x100000001)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x509100, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r2, 0x4008f50a, &(0x7f0000000040)={0x8001, 0x3f})

17:44:50 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 28)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2736.807049] FAULT_INJECTION: forcing a failure.
[ 2736.807049] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.809680] CPU: 1 PID: 31246 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2736.811245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.813130] Call Trace:
[ 2736.813613] 9pnet: Insufficient options for proto=fd
[ 2736.813742]  dump_stack+0x107/0x167
[ 2736.815654]  should_fail.cold+0x5/0xa
[ 2736.816537]  ? create_object.isra.0+0x3a/0xa30
[ 2736.817586]  should_failslab+0x5/0x20
[ 2736.818452]  kmem_cache_alloc+0x5b/0x310
[ 2736.819385]  create_object.isra.0+0x3a/0xa30
[ 2736.820377]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2736.821541]  kmem_cache_alloc_trace+0x151/0x320
[ 2736.822604]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2736.823522]  percpu_ref_init+0xd8/0x3d0
[ 2736.824436]  io_uring_setup+0x47a/0x2980
[ 2736.825377]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2736.826470]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2736.827623]  ? wait_for_completion_io+0x270/0x270
[ 2736.828742]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2736.829347] FAULT_INJECTION: forcing a failure.
[ 2736.829347] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.829931]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2736.829967]  do_syscall_64+0x33/0x40
[ 2736.834289]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2736.835455] RIP: 0033:0x7f7f12293b19
[ 2736.836288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2736.840461] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2736.842192] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2736.843808] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2736.845428] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2736.847044] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2736.848659] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2736.850329] CPU: 0 PID: 31251 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2736.851811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.853802] Call Trace:
[ 2736.854367]  dump_stack+0x107/0x167
[ 2736.855145]  should_fail.cold+0x5/0xa
[ 2736.855960]  ? create_object.isra.0+0x3a/0xa30
[ 2736.856940]  should_failslab+0x5/0x20
[ 2736.857760]  kmem_cache_alloc+0x5b/0x310
[ 2736.858639]  create_object.isra.0+0x3a/0xa30
[ 2736.859572]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2736.860657]  kmem_cache_alloc_trace+0x151/0x320
[ 2736.861666]  io_uring_alloc_task_context+0x99/0x6a0
[ 2736.862739]  ? io_import_iovec+0x1120/0x1120
[ 2736.863676]  ? lock_downgrade+0x6d0/0x6d0
[ 2736.864561]  ? do_raw_spin_lock+0x121/0x260
[ 2736.865488]  ? rwlock_bug.part.0+0x90/0x90
[ 2736.866395]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2736.867397] FAULT_INJECTION: forcing a failure.
[ 2736.867397] name failslab, interval 1, probability 0, space 0, times 0
[ 2736.869734]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2736.870841]  ? alloc_fd+0x2e7/0x670
[ 2736.871628]  io_uring_setup+0x1fbb/0x2980
[ 2736.872517]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2736.873597]  ? wait_for_completion_io+0x270/0x270
[ 2736.874653]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2736.875761]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2736.876867]  do_syscall_64+0x33/0x40
[ 2736.877658]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2736.878748] RIP: 0033:0x7f44bdd8db19
[ 2736.879542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2736.883460] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2736.885070] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2736.886580] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2736.888077] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2736.889595] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2736.891112] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2736.892669] CPU: 1 PID: 31247 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2736.894360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2736.896248] Call Trace:
[ 2736.896866]  dump_stack+0x107/0x167
[ 2736.897697]  should_fail.cold+0x5/0xa
[ 2736.898570]  ? create_object.isra.0+0x3a/0xa30
[ 2736.899613]  should_failslab+0x5/0x20
[ 2736.900478]  kmem_cache_alloc+0x5b/0x310
[ 2736.901434]  create_object.isra.0+0x3a/0xa30
[ 2736.902433]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2736.903594]  kmem_cache_alloc+0x159/0x310
[ 2736.904550]  anon_vma_clone+0xdc/0x590
[ 2736.905452]  __split_vma+0x17c/0x4e0
[ 2736.906303]  __do_munmap+0x365/0x1260
[ 2736.907163]  ? arch_get_unmapped_area+0x450/0x450
[ 2736.908260]  ? lock_release+0x680/0x680
[ 2736.909177]  mmap_region+0x7cc/0x1500
[ 2736.910060]  do_mmap+0x868/0x1370
[ 2736.910861]  vm_mmap_pgoff+0x198/0x1f0
[ 2736.911748]  ? randomize_page+0xb0/0xb0
[ 2736.912667]  ksys_mmap_pgoff+0x41c/0x560
[ 2736.913600]  ? find_mergeable_anon_vma+0x250/0x250
[ 2736.914713]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2736.915891]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2736.917069]  do_syscall_64+0x33/0x40
[ 2736.917916]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2736.919074] RIP: 0033:0x7fea1df7ab62
[ 2736.919917] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2736.924072] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2736.925814] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2736.927426] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2736.929044] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2736.930656] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2736.932267] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x800)
syz_mount_image$nfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x81, 0x2, &(0x7f0000000200)=[{&(0x7f00000000c0)="8d56dfe8bee2f2d67942c91cad0a85111154fb792028fad06601f8addb4836bbc46addb392f0483e052f9e5a22f31e71bd150384c7b3abdef8a2ba3d99c2cd86148e250aa4c301b8a8a400ce387a6175b34910269641279e255070e4c3dcf1b30046a7de73a46de54b4254342dd17e6570dafb6d1776943454fa0e0cdf01dc9f02cd070f2b591c5ca478317e0cea7758", 0x90, 0x3611}, {&(0x7f0000000180)="3539a6db78da3ff032a0167b38477feb45f2525f488b85036691bcb442de1e12a3d8114bdc18f5e523cd94fc61054abe181390ebeb497a62bf86d101c0e9409bc372b1acd3e4f467a73d8c9a6b4395e5ecdfdde7c2b74c07a36121ad07ed72c7e324c6fcf44df4b29d57dd6c7de8fa38e60ffd4dcf838b2dc17d7005a065f4", 0x7f, 0xff}], 0x1811084, &(0x7f0000000340)={[{'\'((}/##-!'}, {'('}, {'\'+'}, {'%%&)^[\xe5'}, {'-}'}, {')['}], [{@fowner_gt={'fowner>', 0xee01}}, {@obj_role}, {@hash}, {@fowner_gt={'fowner>', r2}}]})
sendfile(r0, r1, 0x0, 0x100000001)
ioctl$FITHAW(r1, 0xc0045878)

17:44:50 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:50 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:50 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 12)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:44:50 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfd,o=', @ANYRESHEX=r1])

17:44:50 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:44:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 29)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

[ 2737.165125] FAULT_INJECTION: forcing a failure.
[ 2737.165125] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2737.167735] CPU: 0 PID: 31364 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2737.169200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2737.170935] Call Trace:
[ 2737.171500]  dump_stack+0x107/0x167
[ 2737.172268]  should_fail.cold+0x5/0xa
[ 2737.173087]  __alloc_pages_nodemask+0x182/0x600
[ 2737.174065]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2737.175326]  ? cap_capable+0x1cd/0x230
[ 2737.176149]  alloc_pages_current+0x187/0x280
[ 2737.177091]  __get_free_pages+0xc/0xa0
[ 2737.177906]  io_uring_setup+0xe27/0x2980
[ 2737.178769]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2737.179828]  ? wait_for_completion_io+0x270/0x270
[ 2737.180874]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2737.181973]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2737.183064]  do_syscall_64+0x33/0x40
[ 2737.183844]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2737.184927] RIP: 0033:0x7f7f12293b19
[ 2737.185706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2737.189617] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2737.191204] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2737.192702] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2737.194185] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2737.195665] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2737.197209] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2737.259355] 9pnet: Insufficient options for proto=fd
[ 2737.283495] FAULT_INJECTION: forcing a failure.
[ 2737.283495] name failslab, interval 1, probability 0, space 0, times 0
[ 2737.286550] CPU: 1 PID: 31371 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2737.288242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2737.290139] Call Trace:
[ 2737.290749]  dump_stack+0x107/0x167
[ 2737.291584]  should_fail.cold+0x5/0xa
[ 2737.292470]  ? create_object.isra.0+0x3a/0xa30
[ 2737.293521]  should_failslab+0x5/0x20
[ 2737.294390]  kmem_cache_alloc+0x5b/0x310
[ 2737.295328]  create_object.isra.0+0x3a/0xa30
[ 2737.296339]  kmemleak_alloc_percpu+0xa0/0x100
[ 2737.297377]  pcpu_alloc+0x4e2/0x1240
[ 2737.298251]  __percpu_counter_init+0x10d/0x2d0
[ 2737.299296]  io_uring_alloc_task_context+0xcc/0x6a0
17:44:50 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2737.300608]  ? io_import_iovec+0x1120/0x1120
[ 2737.301818]  ? lock_downgrade+0x6d0/0x6d0
[ 2737.302753]  ? do_raw_spin_lock+0x121/0x260
[ 2737.303740]  ? rwlock_bug.part.0+0x90/0x90
[ 2737.304719]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2737.305808]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2737.306988]  ? alloc_fd+0x2e7/0x670
[ 2737.307825]  io_uring_setup+0x1fbb/0x2980
[ 2737.308783]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2737.309922]  ? wait_for_completion_io+0x270/0x270
[ 2737.311047]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2737.312228]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2737.313400]  do_syscall_64+0x33/0x40
[ 2737.314242]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2737.315394] RIP: 0033:0x7f44bdd8db19
[ 2737.316242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2737.320381] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2737.322115] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2737.323725] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2737.325334] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2737.326930] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2737.328523] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:44:50 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 65)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 2737.404854] FAULT_INJECTION: forcing a failure.
[ 2737.404854] name failslab, interval 1, probability 0, space 0, times 0
[ 2737.407535] CPU: 0 PID: 31412 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2737.409003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2737.410746] Call Trace:
[ 2737.411308]  dump_stack+0x107/0x167
[ 2737.412085]  should_fail.cold+0x5/0xa
[ 2737.412904]  ? vm_area_alloc+0x1c/0x110
[ 2737.413733]  should_failslab+0x5/0x20
[ 2737.414526]  kmem_cache_alloc+0x5b/0x310
[ 2737.415389]  vm_area_alloc+0x1c/0x110
[ 2737.416183]  mmap_region+0x982/0x1500
[ 2737.417005]  do_mmap+0x868/0x1370
[ 2737.417751]  vm_mmap_pgoff+0x198/0x1f0
[ 2737.418579]  ? randomize_page+0xb0/0xb0
[ 2737.419428]  ksys_mmap_pgoff+0x41c/0x560
[ 2737.420279]  ? find_mergeable_anon_vma+0x250/0x250
[ 2737.421318]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2737.422415]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2737.423491]  do_syscall_64+0x33/0x40
[ 2737.424262]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2737.425347] RIP: 0033:0x7fea1df7ab62
[ 2737.426127] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2737.429962] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2737.431544] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2737.433033] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2737.434572] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2737.436071] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2737.437582] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:45:07 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfdn\"=', @ANYRESHEX=r1])

17:45:07 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:07 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:45:07 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 30)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:45:07 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:07 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 13)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:45:07 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
dup3(r2, r1, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000000)=0x101)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r3, 0x0, 0x100000001)

17:45:07 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 66)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:45:07 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2753.849971] 9pnet: Insufficient options for proto=fd
[ 2753.860212] FAULT_INJECTION: forcing a failure.
[ 2753.860212] name failslab, interval 1, probability 0, space 0, times 0
[ 2753.861685] CPU: 1 PID: 31493 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2753.862595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2753.863660] Call Trace:
[ 2753.863970]  dump_stack+0x107/0x167
[ 2753.864397]  should_fail.cold+0x5/0xa
[ 2753.865005]  ? create_object.isra.0+0x3a/0xa30
[ 2753.865709]  should_failslab+0x5/0x20
[ 2753.866239]  kmem_cache_alloc+0x5b/0x310
[ 2753.866713]  create_object.isra.0+0x3a/0xa30
[ 2753.867303]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2753.867956]  kmem_cache_alloc+0x159/0x310
[ 2753.868439]  vm_area_alloc+0x1c/0x110
[ 2753.868884]  mmap_region+0x982/0x1500
[ 2753.869325]  do_mmap+0x868/0x1370
[ 2753.869728]  vm_mmap_pgoff+0x198/0x1f0
[ 2753.870345]  ? randomize_page+0xb0/0xb0
[ 2753.870822]  ksys_mmap_pgoff+0x41c/0x560
[ 2753.871408]  ? find_mergeable_anon_vma+0x250/0x250
[ 2753.872199]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2753.872800]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2753.873543]  do_syscall_64+0x33/0x40
[ 2753.873983]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2753.874563] RIP: 0033:0x7fea1df7ab62
[ 2753.874987] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2753.875460] FAULT_INJECTION: forcing a failure.
[ 2753.875460] name failslab, interval 1, probability 0, space 0, times 0
[ 2753.877084] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2753.877098] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2753.877105] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2753.877112] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2753.877119] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2753.877137] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2753.884323] CPU: 0 PID: 31498 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2753.885829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2753.887595] Call Trace:
[ 2753.888167]  dump_stack+0x107/0x167
[ 2753.889021]  should_fail.cold+0x5/0xa
[ 2753.889838]  ? create_object.isra.0+0x3a/0xa30
[ 2753.890815]  should_failslab+0x5/0x20
[ 2753.891618]  kmem_cache_alloc+0x5b/0x310
[ 2753.892485]  create_object.isra.0+0x3a/0xa30
[ 2753.893432]  kmemleak_alloc_percpu+0xa0/0x100
[ 2753.894389]  pcpu_alloc+0x4e2/0x1240
[ 2753.895199]  __percpu_counter_init+0x10d/0x2d0
[ 2753.896179]  io_uring_alloc_task_context+0xcc/0x6a0
[ 2753.897255]  ? io_import_iovec+0x1120/0x1120
[ 2753.898196]  ? lock_downgrade+0x6d0/0x6d0
[ 2753.899078]  ? do_raw_spin_lock+0x121/0x260
[ 2753.899988]  ? rwlock_bug.part.0+0x90/0x90
[ 2753.900899]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2753.901922]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2753.903022]  ? alloc_fd+0x2e7/0x670
[ 2753.903809]  io_uring_setup+0x1fbb/0x2980
[ 2753.904700]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2753.905779]  ? wait_for_completion_io+0x270/0x270
[ 2753.906824]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2753.907955]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2753.909098]  do_syscall_64+0x33/0x40
[ 2753.909891]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2753.910982] RIP: 0033:0x7f44bdd8db19
[ 2753.911768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2753.915893] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2753.917520] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2753.919042] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2753.920572] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2753.922674] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2753.924646] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2753.966111] FAULT_INJECTION: forcing a failure.
[ 2753.966111] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2753.967677] CPU: 1 PID: 31497 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2753.968590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2753.969843] Call Trace:
[ 2753.970238]  dump_stack+0x107/0x167
[ 2753.970665]  should_fail.cold+0x5/0xa
[ 2753.971107]  __alloc_pages_nodemask+0x182/0x600
[ 2753.971791]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2753.972482]  ? cap_capable+0x1cd/0x230
[ 2753.973094]  alloc_pages_current+0x187/0x280
[ 2753.973709]  __get_free_pages+0xc/0xa0
[ 2753.974281]  io_uring_setup+0xf9a/0x2980
[ 2753.974856]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2753.975435]  ? wait_for_completion_io+0x270/0x270
[ 2753.975999]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2753.976753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2753.977348]  do_syscall_64+0x33/0x40
[ 2753.977898]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2753.978605] RIP: 0033:0x7f7f12293b19
[ 2753.979157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2753.981497] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2753.982359] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2753.983173] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2753.984072] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2753.985084] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2753.986128] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:45:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000040)={0x1, 0x5})
sendfile(r0, r1, 0x0, 0x100000001)

17:45:24 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:45:24 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:24 executing program 7:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0) (fail_nth: 67)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r8}}, 0x9)
fallocate(r0, 0x8, 0x0, 0x8000)

17:45:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 31)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:45:24 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:24 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfdn,=', @ANYRESHEX=r1])

17:45:24 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 14)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

[ 2771.632198] FAULT_INJECTION: forcing a failure.
[ 2771.632198] name failslab, interval 1, probability 0, space 0, times 0
[ 2771.632268] FAULT_INJECTION: forcing a failure.
[ 2771.632268] name failslab, interval 1, probability 0, space 0, times 0
[ 2771.633868] CPU: 1 PID: 31617 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2771.637186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2771.638340] Call Trace:
[ 2771.638728]  dump_stack+0x107/0x167
[ 2771.639245]  should_fail.cold+0x5/0xa
[ 2771.639783]  ? io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2771.640561]  should_failslab+0x5/0x20
[ 2771.641095]  kmem_cache_alloc_trace+0x55/0x320
[ 2771.641733]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2771.642483]  io_uring_setup+0x14f6/0x2980
[ 2771.643064]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2771.643766]  ? wait_for_completion_io+0x270/0x270
[ 2771.644452]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.645189]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2771.645905]  do_syscall_64+0x33/0x40
[ 2771.646427]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2771.647134] RIP: 0033:0x7f7f12293b19
[ 2771.647652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2771.650201] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2771.651250] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2771.652233] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2771.653235] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2771.654230] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2771.655228] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2771.656262] CPU: 0 PID: 31618 Comm: syz-executor.3 Not tainted 5.10.255 #1
[ 2771.657732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2771.659484] Call Trace:
[ 2771.660054]  dump_stack+0x107/0x167
[ 2771.660800]  should_fail.cold+0x5/0xa
[ 2771.661158] FAULT_INJECTION: forcing a failure.
[ 2771.661158] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2771.661621]  ? io_uring_alloc_task_context+0x4a3/0x6a0
[ 2771.661646]  should_failslab+0x5/0x20
[ 2771.665150]  kmem_cache_alloc_trace+0x55/0x320
[ 2771.666114]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 2771.667210]  ? io_import_iovec+0x1120/0x1120
[ 2771.668157]  ? lock_downgrade+0x6d0/0x6d0
[ 2771.669016]  ? do_raw_spin_lock+0x121/0x260
[ 2771.669936]  ? rwlock_bug.part.0+0x90/0x90
[ 2771.670881]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2771.671918]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2771.673086]  ? alloc_fd+0x2e7/0x670
[ 2771.673886]  io_uring_setup+0x1fbb/0x2980
[ 2771.674794]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2771.675894]  ? wait_for_completion_io+0x270/0x270
[ 2771.676956]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.678089]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2771.679220]  do_syscall_64+0x33/0x40
[ 2771.680162]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2771.681451] RIP: 0033:0x7f44bdd8db19
[ 2771.682284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2771.686198] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2771.687798] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2771.689297] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2771.690790] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2771.692273] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2771.693779] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2771.695324] CPU: 1 PID: 31615 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2771.696412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2771.697676] Call Trace:
[ 2771.698048]  dump_stack+0x107/0x167
[ 2771.698548]  should_fail.cold+0x5/0xa
[ 2771.699075]  __alloc_pages_nodemask+0x182/0x600
[ 2771.699715]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2771.700540]  ? walk_mem_res+0x170/0x170
[ 2771.701114]  alloc_pages_current+0x187/0x280
[ 2771.701726]  pte_alloc_one+0x16/0x1a0
[ 2771.702260]  __pte_alloc+0x1d/0x330
[ 2771.702764]  remap_pfn_range_internal+0x9a3/0xf60
[ 2771.703433]  ? lookup_memtype+0x5b/0x200
[ 2771.703995]  ? apply_to_existing_page_range+0x40/0x40
[ 2771.704713]  remap_pfn_range+0xcd/0x160
[ 2771.705274]  ? remap_pfn_range_notrack+0x70/0x70
[ 2771.705922]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 2771.706634]  io_uring_mmap+0x398/0x530
[ 2771.707175]  mmap_file+0x5e/0xe0
[ 2771.707640]  mmap_region+0xc4d/0x1500
[ 2771.708179]  do_mmap+0x868/0x1370
[ 2771.708674]  vm_mmap_pgoff+0x198/0x1f0
[ 2771.709222]  ? randomize_page+0xb0/0xb0
[ 2771.709778]  ksys_mmap_pgoff+0x41c/0x560
[ 2771.710333]  ? find_mergeable_anon_vma+0x250/0x250
[ 2771.711013]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.711720]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2771.712427]  do_syscall_64+0x33/0x40
[ 2771.712931]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2771.713630] RIP: 0033:0x7fea1df7ab62
[ 2771.714134] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2771.716636] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2771.717683] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2771.718650] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2771.719616] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2771.720580] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2771.721556] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2771.739752] 9pnet: Insufficient options for proto=fd
17:45:25 executing program 4:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r2, 0x0, 0x0)
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r3=>0x0) (fail_nth: 15)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:45:25 executing program 6:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0x7d06, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x1}, 0x9)

17:45:25 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:25 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0300000004", 0x5, 0x800}], 0x0, &(0x7f0000012800))
syz_io_uring_setup(0x7d06, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000a00)=<r1=>0x0) (fail_nth: 32)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1}, 0x81)

17:45:25 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno\"', @ANYRESHEX=r1])

[ 2771.900635] FAULT_INJECTION: forcing a failure.
[ 2771.900635] name failslab, interval 1, probability 0, space 0, times 0
[ 2771.903259] CPU: 1 PID: 31729 Comm: syz-executor.4 Not tainted 5.10.255 #1
[ 2771.904471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2771.905558] Call Trace:
[ 2771.906004]  dump_stack+0x107/0x167
[ 2771.906456]  should_fail.cold+0x5/0xa
[ 2771.906928]  ? create_object.isra.0+0x3a/0xa30
[ 2771.907488]  should_failslab+0x5/0x20
[ 2771.907958]  kmem_cache_alloc+0x5b/0x310
[ 2771.908452]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 2771.909198]  create_object.isra.0+0x3a/0xa30
[ 2771.909737]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2771.910369]  kmem_cache_alloc_trace+0x151/0x320
[ 2771.910942]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2771.911614]  io_uring_setup+0x14f6/0x2980
[ 2771.912127]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2771.912749]  ? wait_for_completion_io+0x270/0x270
[ 2771.913363]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.914012]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2771.914652]  do_syscall_64+0x33/0x40
[ 2771.915110]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2771.915738] RIP: 0033:0x7f7f12293b19
[ 2771.916200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2771.918468] RSP: 002b:00007f7f0f809108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2771.919408] RAX: ffffffffffffffda RBX: 00007f7f123a6f60 RCX: 00007f7f12293b19
[ 2771.920283] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000007d06
[ 2771.921157] RBP: 0000000020000180 R08: 0000000020000080 R09: 0000000020000080
[ 2771.922031] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000080
[ 2771.922901] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2771.933102] ------------[ cut here ]------------
[ 2771.933921] WARNING: CPU: 1 PID: 31615 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270
[ 2771.935062] Modules linked in:
[ 2771.935516] CPU: 1 PID: 31615 Comm: syz-executor.7 Not tainted 5.10.255 #1
[ 2771.936442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2771.937610] RIP: 0010:get_pat_info+0x216/0x270
[ 2771.938349] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 51 89 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 3a 89 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 15 ad 5a 00 e9
[ 2771.941293] RSP: 0018:ffff888015bd7890 EFLAGS: 00010246
[ 2771.941997] RAX: 0000000000040000 RBX: ffff888019a1ad00 RCX: ffffc90006bd1000
[ 2771.943847] RDX: 0000000000040000 RSI: ffffffff81125456 RDI: 0000000000000007
[ 2771.946367] RBP: ffff888015bd7948 R08: 0000000000000000 R09: ffff888015bd7818
[ 2771.948705] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028
[ 2771.950496] R13: 1ffff11002b7af12 R14: 0000000000000000 R15: ffff888019a1ad50
[ 2771.952248] FS:  00007fea1b4f0700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 2771.954203] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2771.955061] CR2: 00007f44bde0d543 CR3: 000000001bbf8000 CR4: 0000000000350ee0
[ 2771.956074] Call Trace:
[ 2771.956401]  ? pgprot_writethrough+0xc0/0xc0
[ 2771.957026]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.957818]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2771.958498]  ? trace_hardirqs_on+0x5b/0x180
[ 2771.959180]  untrack_pfn+0xdc/0x240
[ 2771.959778]  ? track_pfn_insert+0x150/0x150
[ 2771.960308]  ? untrack_pfn+0x2/0x240
[ 2771.960912]  unmap_single_vma+0x1bc/0x300
[ 2771.961431]  zap_page_range_single+0x2ce/0x450
[ 2771.962136]  ? unmap_single_vma+0x300/0x300
[ 2771.962814]  ? remap_pfn_range_internal+0xc56/0xf60
[ 2771.963420]  ? lookup_memtype+0x5b/0x200
[ 2771.964074]  ? apply_to_existing_page_range+0x40/0x40
[ 2771.964860]  remap_pfn_range+0x139/0x160
[ 2771.965365]  ? remap_pfn_range_notrack+0x70/0x70
[ 2771.966093]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 2771.966876]  io_uring_mmap+0x398/0x530
[ 2771.967361]  mmap_file+0x5e/0xe0
[ 2771.967931]  mmap_region+0xc4d/0x1500
[ 2771.968403]  do_mmap+0x868/0x1370
[ 2771.968975]  vm_mmap_pgoff+0x198/0x1f0
[ 2771.969460]  ? randomize_page+0xb0/0xb0
[ 2771.970099]  ksys_mmap_pgoff+0x41c/0x560
[ 2771.970741]  ? find_mergeable_anon_vma+0x250/0x250
[ 2771.971332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2771.972027]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2771.972791]  do_syscall_64+0x33/0x40
[ 2771.973252]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2771.974017] RIP: 0033:0x7fea1df7ab62
[ 2771.974466] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2771.976778] RSP: 002b:00007fea1b4f00f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2771.977835] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fea1df7ab62
[ 2771.978852] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2771.979810] RBP: 0000000020ffe000 R08: 0000000000000008 R09: 0000000000000000
[ 2771.980811] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000080
[ 2771.981795] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2771.982818] irq event stamp: 3659
[ 2771.983238] hardirqs last  enabled at (3667): [<ffffffff8129bf5d>] console_unlock+0x92d/0xb40
[ 2771.984305] hardirqs last disabled at (3680): [<ffffffff83e8397b>] sysvec_apic_timer_interrupt+0xb/0xa0
[ 2771.985515] softirqs last  enabled at (2602): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2771.986769] softirqs last disabled at (3713): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2771.987922] ---[ end trace 154a1a5b3a938d2e ]---
[ 2772.036611] 9pnet: Insufficient options for proto=fd
[ 2772.038547] FAULT_INJECTION: forcing a failure.
[ 2772.038547] name failslab, interval 1, probability 0, space 0, times 0
[ 2772.041547] CPU: 0 PID: 31740 Comm: syz-executor.3 Tainted: G        W         5.10.255 #1
[ 2772.043290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2772.045093] Call Trace:
[ 2772.045654]  dump_stack+0x107/0x167
[ 2772.046459]  should_fail.cold+0x5/0xa
[ 2772.047279]  ? create_object.isra.0+0x3a/0xa30
[ 2772.048278]  should_failslab+0x5/0x20
[ 2772.049091]  kmem_cache_alloc+0x5b/0x310
[ 2772.049977]  create_object.isra.0+0x3a/0xa30
[ 2772.050926]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2772.052011]  kmem_cache_alloc_trace+0x151/0x320
[ 2772.053024]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 2772.054126]  ? io_import_iovec+0x1120/0x1120
[ 2772.055064]  ? lock_downgrade+0x6d0/0x6d0
[ 2772.055951]  ? do_raw_spin_lock+0x121/0x260
[ 2772.056874]  ? rwlock_bug.part.0+0x90/0x90
[ 2772.057787]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2772.058803]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2772.059898]  ? alloc_fd+0x2e7/0x670
[ 2772.060717]  io_uring_setup+0x1fbb/0x2980
[ 2772.061635]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2772.062735]  ? wait_for_completion_io+0x270/0x270
[ 2772.063799]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2772.064917]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2772.066038]  do_syscall_64+0x33/0x40
[ 2772.066830]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2772.067944] RIP: 0033:0x7f44bdd8db19
[ 2772.068753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2772.072709] RSP: 002b:00007f44bb303108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2772.074341] RAX: ffffffffffffffda RBX: 00007f44bdea0f60 RCX: 00007f44bdd8db19
[ 2772.075882] RDX: 0000000020ffc000 RSI: 00000000200002c0 RDI: 0000000000007d06
[ 2772.077406] RBP: 00000000200002c0 R08: 0000000020000a00 R09: 0000000020000a00
[ 2772.078943] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000a00
[ 2772.080478] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000
17:45:25 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x3ba4141e, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)

17:45:25 executing program 2:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)="afc9", 0x2, 0xffffff)
write$P9_RREADDIR(r0, 0x0, 0x122)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000440)={0x1, &(0x7f0000000400)=[{0x63, 0x40, 0x81, 0x8}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x1000}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000005c0)=""/4096, 0x1000, 0x5)
finit_module(r2, &(0x7f0000000000)='\x00', 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
read(r3, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000015c0)=ANY=[@ANYBLOB="00000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff010000fcf000000100000000000000f70500000000000001000000000000000200000000000000000000000000000000000000000000000000000000000000050000000300000015107c3700000000fb00000000000000280e000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ebe5f27cf8c2f78fef05d86"])
syz_io_uring_setup(0x7d06, &(0x7f0000000180)={0x0, 0xf051}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r5, 0x0, 0x9)


VM DIAGNOSIS:
17:45:25  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8160261b RDX=ffff88800f0d1a40
RSI=0000000000000001 RDI=0000000000000000 RBP=1ffff11002dbdeff RSP=ffff888016def7e8
R8 =0000000000000001 R9 =ffffea0000ab7a33 R10=0000000000000000 R11=0000000000000001
R12=ffff88800db55900 R13=00007f958dd54000 R14=800000002cd42005 R15=0000000000000000
RIP=ffffffff8140d704 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f958d9d48c0 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f3d34993004 CR3=0000000017414000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f3d345627c000007f3d345627c8
XMM02=00007f3d345627e000007f3d345627c0 XMM03=00007f3d345627c800007f3d345627c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822e8db1 RDI=ffffffff879fa240 RBP=ffffffff879fa200 RSP=ffff888015bd72a0
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=0000000000000035 R13=0000000000000035 R14=ffffffff879fa200 R15=dffffc0000000000
RIP=ffffffff822e8e08 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fea1b4f0700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f44bde0d543 CR3=000000001bbf8000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000